[Résolu] Mon PC devient lent et certains logiciels ne fonctionnent plu

[laborantin]

Bonjour à tous

Je ne sais pas si je dois poster ce message sur ce forum. Si je me suis trompé d'emplacement, excusez moi et redirigez moi. Merci

 

1- Je n'ai pas pu télécharger ZHPDIAG sur mon PC. Je l'ai fait à partir d'un autre ordi. Une fois installée, le programme ne se lance pas .Il me dit raccourci manquant. Dans mon menu démarrer je trouve ZHP2 au lieu de ZHPDiag.

Je suis obligé de le lancer manuellement.

 

2- Au démarrage je sens une certaine lenteur.

 

3- Certains logiciels comme Google earth par exemple ne se lance plus.

Il est actif dans le gestionnaire de tâche mais rien n'apparait à l'écran.

 

J'ai pensé à une infection alors j'ai fais un scan avec Malwaresbytes. Aucune infection n'est trouvée.

 

Je viens de faire un diagnostic avec ZHPDiag et je vous laisse le rapport pour que vous le regardez avec vos yeux d'expert. Merci de l'étudier.

 

Rapport de ZHPDiag v1.27.24 par Nicolas Coolman, Update du 05/07/2011

Run by Léo at 19/07/2011 12:00:26

Web site : ZHPDiag Outil de diagnostic

 

 

---\\ Web Browser

MSIE: Internet Explorer v8.0.6001.18702 (Defaut)

MFIE: Mozilla Firefox v

GCIE: Google Chrome v11.0.696.60

 

---\\ System Information

Windows XP Professional Service Pack 3 (Build 2600)

Processor: x86 Family 6 Model 15 Stepping 6, GenuineIntel

Operating System: 32 Bits

Boot mode: Normal (Normal boot)

Total RAM: 1022 MB (31% free)

System Restore: Activé (Enable)

System drive C: has 12 GB (21%) free of 53 GB

 

---\\ Logged in mode

Computer Name: SUPERADA

User Name: Léo

All Users Names: XMENS, SUPPORT_388945a0, Léo, HelpAssistant, ASPNET, Administrateur,

Unselected Option: O45,O61,O62,O65,O66,O82

Logged in as Administrator

 

---\\ Environnement Variables

~ %AppData%=C:\Documents and Settings\Léo\Application Data\

~ %Desktop%=C:\Documents and Settings\Léo\Bureau\

~ %Favorites%=C:\Documents and Settings\Léo\Favoris\

~ %LocalAppData%=C:\Documents and Settings\Léo\Local Settings\Application Data\

~ %StartMenu%=C:\Documents and Settings\Léo\Menu Démarrer\

 

---\\ DOS/Devices

C:\ Hard drive, Flash drive, Thumb drive (Free 12 Go of 53 Go)

D:\ Hard drive, Flash drive, Thumb drive (Free 7 Go of 54 Go)

E:\ CD-ROM drive (Not Inserted)

 

 

 

---\\ Security Center & Tools Informations

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] AntiVirusDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Security Center] FirewallOverride: OK

[HKLM\SOFTWARE\Microsoft\Security Center] UpdatesDisableNotify: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\NOHIDDEN] CheckedValue: OK

[HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] WarnOnHTTPSToHTTPRedirect: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL] CheckedValue: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Application: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] Intl: OK

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations] XMLLookup: OK

 

 

 

---\\ Recherche particulière de fichiers génériques

[MD5.F2317622D29F9FF0F88AEECD5F60F0DD] - (.Microsoft Corporation - Explorateur Windows.) (.19/07/2011 - 04:34:04.) -- C:\WINDOWS\Explorer.exe [1037824]

[MD5.42F5E14E33D79C236680468B1E4999F4] - (.Microsoft Corporation - Internet Extensions for Win32.) (.19/07/2011 - 16:06:12.) -- C:\WINDOWS\system32\wininet.dll [916480]

[MD5.DD73D6B9F6B4CB630CF35B438B540174] - (.Microsoft Corporation - Application d'ouverture de session Windows NT.) (.19/07/2011 - 04:34:28.) -- C:\WINDOWS\system32\Winlogon.exe [512000]

[MD5.9F3A2F5AA6875C72BF062C712CFA2674] - (.Microsoft Corporation - IDE/ATAPI Port Driver.) (.19/07/2011 - 20:40:30.) -- C:\WINDOWS\system32\drivers\atapi.sys [96512]

[MD5.78A08DD6A8D65E697C18E1DB01C5CDCA] - (.Microsoft Corporation - NT File System Driver.) (.19/07/2011 - 21:15:54.) -- C:\WINDOWS\system32\drivers\ntfs.sys [574976]

 

 

 

---\\ Etat des fichiers cachés (Caché/Total)

~ Mes images (My Pictures) : 27/1598

~ Mes musiques (My Musics) : 5/69

~ Mes Videos (My Video) : 0/17

~ Mes Favoris (My Favorites) : 2/10

~ Mes Documents (My Documents) : 380/24332

~ Mon Bureau (My Desktop) : 1/20

~ Menu demarrer (Programs) : 5/46

 

 

 

---\\ Processus lancés

[MD5.90DC23D940551DB35367FB1E40575B25] - (.Microsoft Corporation - Antimalware Service Executable.) -- c:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736]

[MD5.56DED3ADE453272E6A0AD582D945D1A4] - (.Intel Corporation - Intel® PROSet/Wireless Event Log.) -- C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [114753]

[MD5.6C5155CC0E805C7BE6028BFF7AC14524] - (.Intel Corporation - Wireless Management Service.) -- C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745]

[MD5.769DB4F484957CC98153B3C1B5D1162F] - (.ArcSoft Inc. - ArcSoft Connect Service.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe [109056]

[MD5.717EBC644D096C77B39B6B6A174D1B49] - (.Macrovision Corporation - Pas de description.) -- C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe [1372160]

[MD5.E1EC228D87915050BDF59F6331AD7247] - (.Avocent Inc. - Service Program for Acer.) -- C:\Acer\Empowering Technology\admServ.exe [1314816]

[MD5.381110584AEE6D3DDAA76A63ADD64D42] - (...) -- C:\PROGRA~1\ESRI\License\arcgis9x\ARCGIS.EXE [1757184]

[MD5.73686FE0B2E0469F89FD2075BE724704] - (.Apple Computer, Inc. - Bonjour Service.) -- C:\Program Files\Bonjour\mDNSResponder.exe [229376]

[MD5.9BDBDA21D3BA8E374FD06A405BE10215] - (.Macrovision - Macrovision RTS Service.) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE [54784]

[MD5.5D1347AA5AE6E2F77D7F4F8372D95AC9] - (.Microsoft Corporation - Media Center Receiver Service.) -- C:\WINDOWS\eHome\ehRecvr.exe [237568]

[MD5.980EEEA91776357518892C5544768E2B] - (.Microsoft Corporation - Service de planification Media Center.) -- C:\WINDOWS\eHome\ehSched.exe [103424]

[MD5.5E06A9D23727DAF96FAA796F1135FDCD] - (.Sun Microsystems, Inc. - Java Quick Starter Service.) -- C:\Program Files\Java\jre6\bin\jqs.exe [153376]

[MD5.86E8BCAA91FC2ACFACD99CF2BF9F1F47] - (.Hewlett-Packard Company - Pas de description.) -- C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [49152]

[MD5.11F714F85530A2BD134074DC30E99FCA] - (.Microsoft Corporation - Machine Debug Manager.) -- C:\Program Files\Fichiers communs\Microsoft Shared\VS7DEBUG\MDM.EXE [322120]

[MD5.FD306FBCCE7ADB1077B709742E7148E9] - (...) -- C:\Program Files\CDBurnerXP\NMSAccessU.exe [71096]

[MD5.6D88C26BF33D2B8404F01CECBDD47D3A] - (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 86.02.) -- C:\WINDOWS\system32\nvsvc32.exe [143426]

[MD5.1B2857EF12D79A9F9ADBA14B0637CBF8] - (.Intel Corporation - Intel® PROSet/Wireless Registry Service.) -- C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [217164]

[MD5.ACCDF944417FCE3B9BDDFC197C704A27] - (.SafeNet, Inc - Pas de description.) -- C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe [206400]

[MD5.45A0772A49914786AD64471205938CE9] - (.Microsoft Corporation - Service SNMP.) -- C:\WINDOWS\System32\snmp.exe [33280]

[MD5.DD0042F0C3B606A6A8B92D49AFB18AD6] - (.Yahoo! Inc. - AutoUpater Service Module.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe [602392]

[MD5.E4D20625DBD37ADEE96383B1B010EDA0] - (.Microsoft Corporation - Message Queuing Service.) -- C:\WINDOWS\system32\mqsvc.exe [4608]

[MD5.62BB79160F86CD962F312C68C6239BFD] - (.Microsoft Corporation - Windows Update.) -- C:\WINDOWS\system32\wuauclt.exe [53472]

[MD5.9D33A0FFF7798747F9C98A75912C0042] - (.Microsoft Corporation - Windows NT MSMQ Trigger Service.) -- C:\WINDOWS\system32\mqtgsvc.exe [117248]

[MD5.0DAD93BB0FECF5016AE3C06CBB0A873B] - (.Microsoft Corporation - COM Surrogate.) -- C:\WINDOWS\system32\dllhost.exe [5120]

[MD5.FEE2BA1AD38F457F418E82EA30724053] - (.Microsoft Corporation - Microsoft Feeds Synchronization.) -- C:\WINDOWS\system32\msfeedssync.exe [13312]

[MD5.9C69E6A25F5500501B14AF43311F8D8B] - (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe [64512]

[MD5.DAEFB050AC8FEE4F1097FCF7CB97220E] - (.Microsoft Corporation - Media Center Media Status Aggregator Servic.) -- C:\WINDOWS\eHome\ehmsas.exe [46592]

[MD5.2F86B8A2CA6DB95FA981890F34E54EE7] - (.acer Inc. - Monitor.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe [397312]

[MD5.33F7659872C1C2CE295FBD1754B63957] - (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.EXE [16248320]

[MD5.E5E34AB0B5B4214480F6E5D9B45F049F] - (.HiTRUST - eDSloader.) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe [69632]

[MD5.93AD0B78C7357A05F50E594EC7C22300] - (...) -- C:\WINDOWS\system32\rundll32.exe [33792]

[MD5.C9072E57FB44288EA91FE7979582A8FB] - (.Dritek System Inc. - Acer Launch Manager Keyboard Application.) -- C:\PROGRA~1\LAUNCH~1\LManager.exe [593920]

[MD5.1D8FCB6541E74894224296DCDAD6BEDF] - (.Avocent Inc. - Tray Program for Acer.) -- C:\Acer\Empowering Technology\admtray.exe [2462208]

[MD5.59307A84CACE50B66089DBD5F74EA17A] - (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [761946]

[MD5.0B947E1828A83D19E7E32997F982AA2A] - (.Acer Incorporated - Acer ePower Management DMC.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe [352256]

[MD5.926A397334FE426A6C7657096FE681DB] - (.Hewlett-Packard Development Company, L.P. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152]

[MD5.2E5212A0BFB98FE0167C92C76C87AFE3] - (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [249064]

[MD5.4543367E50BD35E7D1269D42841B156E] - (.Hewlett-Packard Development Company, L.P. - HP Digital Imaging Monitor.) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe [288472]

[MD5.CFE5228556C93D03D6753E7953CCD4A9] - (.Adobe Systems Inc. - AcroTray.) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [217194]

[MD5.7EDAF6D5B928A4D81EB20D6F97C1225B] - (.Realtek Semiconductor Corp. - Realtek HD Audio Data Rerouter.) -- C:\DOCUME~1\LÉO\LOCALS~1\Temp\RtkBtMnt.exe [507904]

[MD5.EE7B9D446C9C49228008CB39204C5CAA] - (.FUJIFILM Corporation - Exif Launcher 2.) -- C:\Program Files\FinePixViewer\QuickDCF2.exe [303104]

[MD5.88029974B1C9995CFA3BD9560BBA2EEF] - (.Hewlett-Packard Development Company, L.P. - HP CUE Status.) -- C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe [239320]

[MD5.AE45DDF08B6949057CDB2D2EAAD3DEC4] - (.Nicolas Coolman - Diagnostic Tool.) -- C:\Program Files\ZHPDiag\ZHPDiag.exe [656896]

 

 

 

---\\ Mozilla Firefox, Plugins,Demarrage,Recherche,Extensions (P2,M0,M1,M2,M3)

C:\Documents and Settings\Léo\Local Settings\Application Data\Mozilla\Firefox\Profiles\4tsqm6fc.default\prefs.js

M3 - MFPP: Plugins - [Léo] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo.xml

M3 - MFPP: Plugins - [Léo] -- C:\Program Files\Mozilla FireFox\searchplugins\amazon-france.xml

M3 - MFPP: Plugins - [Léo] -- C:\Program Files\Mozilla FireFox\searchplugins\cnrtl-tlfi-fr.xml

M3 - MFPP: Plugins - [Léo] -- C:\Program Files\Mozilla FireFox\searchplugins\eBay-france.xml

M3 - MFPP: Plugins - [Léo] -- C:\Program Files\Mozilla FireFox\searchplugins\google.xml

M3 - MFPP: Plugins - [Léo] -- C:\Program Files\Mozilla FireFox\searchplugins\wikipedia-fr.xml

M3 - MFPP: Plugins - [Léo] -- C:\Program Files\Mozilla FireFox\searchplugins\yahoo-france.xml

P2 - FPN:Firefox Plugin Navigator . (.Microsoft Corporation - Office Plugin for Netscape Navigator.) -- C:\Program Files\Mozilla Firefox\Plugins\NPOFFICE.DLL

P2 - FPN:Firefox Plugin Navigator . (.Sun Microsystems, Inc. - NPRuntime Script Plug-in Library for Java Deploy.) -- C:\Program Files\Mozilla Firefox\Plugins\npdeployJava1.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin2.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin3.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin4.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin5.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin6.dll

P2 - FPN:Firefox Plugin Navigator . (.Apple Inc. - The QuickTime Plugin allows you to view a wide variety of multimedia c.) -- C:\Program Files\Mozilla Firefox\Plugins\npqtplugin7.dll

P2 - FPN:Firefox Plugin Navigator . (.Adobe Systems Inc. - Adobe Acrobat Plug-In Version 6.00 for Netscape.) -- C:\Program Files\Mozilla Firefox\Plugins\nppdf32.dll

P2 - FPN:Firefox Plugin Navigator . (.mozilla.org - Default Plug-in.) -- C:\Program Files\Mozilla Firefox\Plugins\npnul32.dll

P2 - FPN: [HKLM] [@Google.com/GoogleEarthPlugin] - (.Google - GEPlugin.) -- C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

P2 - FPN: [HKLM] [@java.com/JavaPlugin] - (.Sun Microsystems, Inc. - Next Generation Java Plug-in 1.6.0_24 for Mozilla browsers.) -- C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll

P2 - FPN: [HKLM] [@Microsoft.com/NpCtrl,version=1.0] - (. Microsoft Corporation - 4.0.60531.0.) -- c:\Program Files\Microsoft Silverlight\4.0.60531.0\npctrl.dll

P2 - FPN: [HKLM] [@microsoft.com/OfficeLive,version=1.3] - (.Microsoft Corp. - Office Live Update v1.3.) -- C:\Program Files\Microsoft\Office Live\npOLW.dll

P2 - FPN: [HKLM] [@microsoft.com/WLPG,version=14.0.8081.0709] - (.Microsoft Corporation - NPWLPG.) -- C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll

P2 - FPN: [HKLM] [@microsoft.com/WPF,version=3.5] - (.Microsoft Corporation - Windows Presentation Foundation (WPF) plug-in for Mozilla browsers.) -- c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=3] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [@tools.google.com/Google Update;version=9] - (.Google Inc. - Google Update.) -- C:\Program Files\Google\Update\1.3.21.57\npGoogleUpdate3.dll

P2 - FPN: [HKLM] [@videolan.org/vlc,version=1.0.5] - (.the VideoLAN Team - Version 1.0.5, copyright 1996-2010 The VideoLAN Team<br><a href="http:.) -- C:\Program Files\VideoLAN\VLC\npvlc.dll

 

 

 

---\\ Google Chrome, Démarrage,Recherche,Extensions (G0,G1,G2)

C:\Documents and Settings\Léo\Local Settings\Application Data\Google\Chrome\User Data\Default\Preferences

G1 - GCS: Preference [user Data\Default] None

G0 - GCSP: Preference [user Data\Default][HomePage] Yahoo! France

G2 - GCE: Preference [user Data\Default] [fjhheinojdpanfehodhfnliapkofeppf] ToutSurGoogleEarth v.2.3.0.8 (Activé)

 

 

 

---\\ Internet Explorer, Démarrage,Recherche,URLSearchHook, Phishing (R0,R1,R3,R4)

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R0 - HKUS\S-1-5-21-2965774411-1647369187-2304096231-1005\Software\Microsoft\Internet Explorer\Main,Start Page = MSN : Hotmail, Messenger, Bing, Actualité et Sport

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Microsoft Corporation

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Extensions Off Page = about:noadd-ons

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Security Risk Page = about:securityrisk

R1 - HKUS\S-1-5-21-2965774411-1647369187-2304096231-1005\Software\Microsoft\Internet Explorer\Main,Search Page = Search Microsoft.com

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} . (.Microsoft Corporation - Internet Explorer.) (8.00.6001.19072 (longhorn_ie8_gdr.110420-1700)) -- C:\WINDOWS\system32\ieframe.dll

R4 - HKLM\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,EnabledV8 = 0

R4 - HKCU\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter,Enabled = 2

 

 

 

---\\ Internet Explorer, Proxy Management (R5)

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = no key

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyEnable = 0

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,MigrateProxy = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

R5 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigProxy = wininet.dll

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,EnableHttp1_1 = 1

R5 - HKLM\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyHttp1.1 = 1

 

 

 

---\\ ---\\ Modification d'une valeur Ini (Changed inifile value, mapped to Registry) (F2)

F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\Userinit.exe,

F2 - REG:system.ini: VMApplet=rundll32 shell32,Control_RunDLL "sysdm.cpl"

 

 

 

---\\ Browser Helper Objects de navigateur (O2)

O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} . (.Adobe Systems Incorporated - Adobe Acrobat IE Helper Version 6.0 for Act.) -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} Clé orpheline

O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} . (.Microsoft Corporation - Search Helper for Internet Explorer.) -- C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll

O2 - BHO: Programme d'aide de l'Assistant de connexion Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} . (.Microsoft Corporation - WindowsLiveLogin.dll.) -- C:\Program Files\Fichiers communs\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} . (...) -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\5.5.5126.1836\swg.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} . (.Sun Microsystems, Inc. - Java Platform SE binary.) -- C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} . (.Sun Microsystems, Inc. - Java Quick Starter binary.) -- C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} . (.Yahoo! Inc - Yahoo! Single Instance for Mail.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\YTSingleInstance.dll

 

 

 

---\\ Internet Explorer Toolbars (O3)

O3 - Toolbar: Acer eDataSecurity Management - {5CBE3B7C-1E47-477e-A7DD-396DB0476E29} . (.HiTRUST - ToolBand Module.) -- C:\WINDOWS\system32\eDStoolbar.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} . (.Yahoo! Inc. - Yahoo! Toolbar.) -- C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll

O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} . (.Microsoft Corporation - Windows Live Toolbar Core.) -- C:\Program Files\Windows Live\Toolbar\wltcore.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} . (.Google Inc. - Google Toolbar.) -- C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} . (...) -- C:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll

 

 

 

---\\ ---\\ Applications démarrées par registre & par dossier (O4)

O4 - HKLM\..\Run: [ehTray] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [LaunchApp] Clé orpheline

O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe

O4 - HKLM\..\Run: [eDataSecurity Loader] . (.HiTRUST - eDSloader.) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] bthprops.cpl

O4 - HKLM\..\Run: [MSPY2002] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe

O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll

O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll

O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Acer Launch Manager Keyboard Application.) -- C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [eRecoveryService] . (.acer Inc. - Monitor.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe

O4 - HKLM\..\Run: [MsmqIntCert] regsvr32 \s mqrt.dll

O4 - HKLM\..\Run: [igfxhkcmd] . (.Intel Corporation - hkcmd Module.) -- C:\WINDOWS\system32\hkcmd.exe

O4 - HKLM\..\Run: [ADMTray.exe] . (.Avocent Inc. - Tray Program for Acer.) -- C:\Acer\Empowering Technology\admtray.exe

O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe

O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe

O4 - HKLM\..\Run: [synTPEnh] . (.Synaptics, Inc. - Synaptics TouchPad Enhancements.) -- C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Windows\System32\nwiz.exe

O4 - HKLM\..\Run: [iMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe

O4 - HKLM\..\Run: [igfxtray] . (.Intel Corporation - igfxTray Module.) -- C:\WINDOWS\system32\igfxtray.exe

O4 - HKLM\..\Run: [igfxpers] . (.Intel Corporation - persistence Module.) -- C:\WINDOWS\system32\igfxpers.exe

O4 - HKLM\..\Run: [ePower_DMC] . (.Acer Incorporated - Acer ePower Management DMC.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

O4 - HKLM\..\Run: [AzMixerSel] . (.Realtek Semiconductor Corp. - Azalia Mixer Selector.) -- C:\Program Files\Realtek\InstallShield\AzMixerSel.exe

O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe

O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard Development Company, L.P. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKLM\..\Run: [sunJavaUpdateSched] . (.Sun Microsystems, Inc. - Java Update Scheduler.) -- C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe

O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe

O4 - HKUS\S-1-5-21-2965774411-1647369187-2304096231-1005\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Development Company, L.P..) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acrobat Assistant.lnk . (.Adobe Systems Inc..) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\ExifLauncher2.lnk . (.FUJIFILM Corporation.) -- C:\Program Files\FinePixViewer\QuickDCF2.exe

 

 

 

---\\ ---\\ Autres liens utilisateurs (O4)

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\IncrediMail.lnk . (.IncrediMail, Ltd..) -- C:\Program Files\IncrediMail\Bin\IncMail.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Microsoft Security Essentials.lnk . (.Microsoft Corporation.) -- C:\Program Files\Microsoft Security Client\msseces.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Enregistrement OCR I.R.I.S..lnk . (.I.R.I.S. SA.) -- C:\Program Files\HP\Digital Imaging\DocProc\regipe.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Acrobat Distiller 6.0.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000001}\SC_Distiller_PFM.ico

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Adobe Acrobat 6.0 Professional.lnk . (...) -- C:\WINDOWS\Installer\{AC76BA86-1033-0000-7760-000000000001}\SC_Acrobat_PFM_1.ico

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\PhoneSuite.lnk . (...) -- C:\Program Files\LG Mobile\PhoneSuite\PhoneSuite.exe

 

 

 

---\\ Boutons situés sur la barre d'outils principale d'Internet Explorer (O9)

O9 - Extra button: &Ajout Direct dans Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} . (.Microsoft Corporation - Windows Live Writer Blog This Extension.) -- C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra button: &Ajout Direct dans Windows Live Writer - {92780B25-18CC-41C8-B9BE-3C9C571A8263} . (...) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO

O9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} . (...) -- C:\PROGRA~1\MICROS~2\OFFICE11\REFBARH.ICO

O9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} . (.Microsoft Corporation - Windows Messenger.) -- C:\Program Files\Messenger\msmsgs.exe

 

 

 

---\\ Winsock hijacker (Layered Service Provider) (O10)

O10 - WLSP:\000000000001\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000002\Winsock LSP File . (.Microsoft Corporation - LDAP RnR Provider DLL.) -- C:\WINDOWS\system32\winrnr.dll

O10 - WLSP:\000000000003\Winsock LSP File . (.Microsoft Corporation - Fournisseur de service Sockets 2.0 de Microsoft Windows.) -- C:\WINDOWS\system32\mswsock.dll

O10 - WLSP:\000000000004\Winsock LSP File . (.Microsoft Corporation - Windows Sockets Helper DLL.) -- C:\WINDOWS\system32\wshbth.dll

O10 - WLSP:\000000000005\Winsock LSP File . (.Apple Computer, Inc. - Bonjour Namespace Provider.) -- C:\Program Files\Bonjour\mdnsNSP.dll

 

 

 

---\\ Objets ActiveX (Downloaded Program Files)(O16)

O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - (Installation Support) - (.Yahoo! Inc. - YInstHelper Module.) -- C:\Program Files\Yahoo!\Common\Yinsthelper.dll

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1256888686171

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} () - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

 

 

 

---\\ Modification Domaine/Adresses DNS (O17)

O17 - HKLM\System\CCS\Services\Tcpip\..\{89F970BE-491F-4B9C-889C-CC7B7F9A9DBB}: NameServer = 10.10.1.100,10.10.1.150,41.207.160.45,41.207.177.17

O17 - HKLM\System\CS2\Services\Tcpip\..\{89F970BE-491F-4B9C-889C-CC7B7F9A9DBB}: NameServer = 10.10.1.100,10.10.1.150,41.207.160.45,41.207.177.17

O17 - HKLM\System\CS3\Services\Tcpip\..\{89F970BE-491F-4B9C-889C-CC7B7F9A9DBB}: NameServer = 10.10.1.100,10.10.1.150,41.207.160.45,41.207.177.17

O17 - HKLM\System\CS3\Services\Tcpip\..\{89F970BE-491F-4B9C-889C-CC7B7F9A9DBB}: DhcpNameServer = 10.10.1.150

 

 

 

---\\ Valeur de Registre AppInit_DLLs et sous-clés Winlogon Notify (autorun) (O20)

O20 - Winlogon Notify: crypt32chain . (.Microsoft Corporation - Crypto API32.) -- C:\Windows\System32\crypt32.dll

O20 - Winlogon Notify: cryptnet . (.Microsoft Corporation - Crypto Network Related API.) -- C:\Windows\System32\cryptnet.dll

O20 - Winlogon Notify: cscdll . (.Microsoft Corporation - Agent réseau hors connexion.) -- C:\Windows\System32\cscdll.dll

O20 - Winlogon Notify: dimsntfy . (.Microsoft Corporation - DIMS Notification Handler.) -- C:\WINDOWS\System32\dimsntfy.dll

O20 - Winlogon Notify: igfxcui . (.Intel Corporation - igfxdev Module.) -- C:\Windows\System32\igfxdev.dll

O20 - Winlogon Notify: ScCertProp . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: Schedule . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: sclgntfy . (.Microsoft Corporation - DLL secondaire de notification de service d.) -- C:\Windows\System32\sclgntfy.dll

O20 - Winlogon Notify: SensLogn . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\WlNotify.dll

O20 - Winlogon Notify: termsrv . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

O20 - Winlogon Notify: wlballoon . (.Microsoft Corporation - DLL commune de réception des notifications.) -- C:\Windows\System32\wlnotify.dll

 

 

 

---\\ Clé de Registre autorun ShellServiceObjectDelayLoad (SSO/SSODL) (O21)

O21 - SSODL: PostBootReminder - {7849596a-48ea-486e-8937-a2a3009f31a9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: CDBurn - {fbeb8a05-beee-4442-804e-409d6c4515e9} . (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\WINDOWS\system32\SHELL32.dll

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} . (.Microsoft Corporation - Web Site Monitor.) -- C:\WINDOWS\system32\webcheck.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} . (.Microsoft Corporation - Windows Portable Device Shell Service Objec.) -- C:\WINDOWS\system32\WPDShServiceObj.dll

O21 - SSODL: SysTray - {35CEC8A3-2BE6-11D2-8773-92E220524153} . (.Microsoft Corporation - Objet du service d'environnement Systray.) -- C:\WINDOWS\system32\stobject.dll

 

 

 

---\\ Clé de Registre autorun SharedTaskScheduler (STS) (O22)

O22 - SharedTaskScheduler: (no name) - {438755C2-A8BA-11D1-B96B-00A0C90312E1} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: (no name) - {8C7461EF-2B13-11d2-BE35-3078302C2030} . (.Microsoft Corporation - Bibliothèque de l'interface utilisateur du.) -- C:\WINDOWS\system32\browseui.dll

 

 

 

---\\ Liste des services NT non Microsoft et non désactivés (O23)

O23 - Service: ArcSoft Connect Daemon (ACDaemon) . (.ArcSoft Inc. - ArcSoft Connect Service.) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe

O23 - Service: ArcGIS License Manager (ArcGIS License Manager) . (.Macrovision Corporation - Pas de description.) - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe

O23 - Service: AdminWorks Agent X6 (AWService) . (.Avocent Inc. - Service Program for Acer.) - C:\Acer\Empowering Technology\admServ.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) . (.Apple Computer, Inc. - Bonjour Service.) - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: C-DillaCdaC11BA (C-DillaCdaC11BA) . (.Macrovision - Macrovision RTS Service.) - C:\WINDOWS\system32\drivers\CDAC11BA.exe

O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) . (.Intel Corporation - Intel® PROSet/Wireless Event Log.) - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

O23 - Service: Google Update Service (gupdate) (gupdate) . (.Google Inc. - Programme d'installation de Google.) - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) . (.Sun Microsystems, Inc. - Java Quick Starter Service.) - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) . (.Hewlett-Packard Company - Pas de description.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

O23 - Service: NMSAccessU (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) . (.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 86.02.) - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Pml Driver HPZ12 (Pml Driver HPZ12) . (.HP - PML Driver.) - C:\WINDOWS\SYSTEM32\HPZipm12.exe

O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) . (.Intel Corporation - Intel® PROSet/Wireless Registry Service.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) . (.Intel Corporation - Wireless Management Service.) - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

O23 - Service: Sentinel Protection Server (SentinelProtectionServer) . (.SafeNet, Inc - Pas de description.) - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

O23 - Service: Yahoo! Updater (YahooAUService) . (.Yahoo! Inc. - AutoUpater Service Module.) - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

 

 

 

---\\ Enumération Active Desktop & MHTML Editor (O24)

O24 - Default MHTML Editor: Last - .(...) - (.not file.)

 

 

 

---\\ Tâches planifiées en automatique (O39)

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\MpIdleTask.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GlaryInitialize.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\User_Feed_Synchronization-{0C00C19F-D2EC-4FE7-BF0F-B3460F5BC139}.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-2965774411-1647369187-2304096231-1005Core.job

O39 - APT:Automatic Planified Task - C:\WINDOWS\Tasks\mbam.job

[MD5.6745EF9F67D02E1BDDE0D3A1E4C9E7C8] [APT] [GlaryInitialize] (.Glarysoft Ltd.) -- C:\Program Files\Glary Utilities\initialize.exe

[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineCore] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.626A24ED1228580B9518C01930936DF9] [APT] [GoogleUpdateTaskMachineUA] (.Google Inc..) -- C:\Program Files\Google\Update\GoogleUpdate.exe

[MD5.00000000000000000000000000000000] [APT] [GoogleUpdateTaskUserS-1-5-21-2965774411-1647369187-2304096231-1005Core] (...) -- C:\Documents and Settings\Léo\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (.not file.)

 

 

 

---\\ Pilotes lancés au démarrage (O41)

O41 - Driver: (AFD) . (.Microsoft Corporation - Ancillary Function Driver for WinSock.) - C:\WINDOWS\system32\drivers\afd.sys

O41 - Driver: (Cdrom) . (.Microsoft Corporation - SCSI CD-ROM Driver.) - C:\WINDOWS\System32\DRIVERS\cdrom.sys

O41 - Driver: (i8042prt) . (.Microsoft Corporation - Pilote de port i8042.) - C:\WINDOWS\System32\DRIVERS\i8042prt.sys

O41 - Driver: (Imapi) . (.Microsoft Corporation - IMAPI Kernel Driver.) - C:\WINDOWS\System32\DRIVERS\imapi.sys

O41 - Driver: (intelppm) . (.Microsoft Corporation - Pilote de périphérique processeur.) - C:\WINDOWS\System32\DRIVERS\intelppm.sys

O41 - Driver: (IPSec) . (.Microsoft Corporation - IPSec Driver.) - C:\WINDOWS\System32\DRIVERS\ipsec.sys

O41 - Driver: (Kbdclass) . (.Microsoft Corporation - Pilote de la classe Clavier.) - C:\WINDOWS\System32\DRIVERS\kbdclass.sys

O41 - Driver: (kbdhid) . (.Microsoft Corporation - Pilote de filtre souris HID.) - C:\WINDOWS\System32\DRIVERS\kbdhid.sys

O41 - Driver: (Mouclass) . (.Microsoft Corporation - Pilote de la classe Souris.) - C:\WINDOWS\System32\DRIVERS\mouclass.sys

O41 - Driver: (MpFilter) . (.Microsoft Corporation - Microsoft antimalware file system filter dr.) - C:\WINDOWS\System32\DRIVERS\MpFilter.sys

O41 - Driver: (MpKsl059fd6f3) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{70587FC1-F1FE-4931-8ECA-F3A73E5CB257}\MpKsl059fd6f3.sys (.not file.)

O41 - Driver: (MpKsl14c7559d) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{70587FC1-F1FE-4931-8ECA-F3A73E5CB257}\MpKsl14c7559d.sys (.not file.)

O41 - Driver: (MpKsl1545e10f) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{352A3E1A-4947-466E-9FD2-1BDE1B6AD55B}\MpKsl1545e10f.sys (.not file.)

O41 - Driver: (MpKsl31e6e356) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{15B30FA0-2E06-4999-9351-66C37150EDAD}\MpKsl31e6e356.sys (.not file.)

O41 - Driver: (MpKsl4264fd3c) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66EB5A84-FB4A-4DF8-8849-D2D09FD73757}\MpKsl4264fd3c.sys (.not file.)

O41 - Driver: (MpKsl5ee0c2c1) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CC8B1738-7BE2-4955-B7D7-3042B74182B5}\MpKsl5ee0c2c1.sys (.not file.)

O41 - Driver: (MpKsl78a03ae0) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{24C39D1F-3634-419A-822B-A42832432D6D}\MpKsl78a03ae0.sys (.not file.)

O41 - Driver: (MpKsl865e3a82) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{352A3E1A-4947-466E-9FD2-1BDE1B6AD55B}\MpKsl865e3a82.sys (.not file.)

O41 - Driver: (MpKslc380be54) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{15B30FA0-2E06-4999-9351-66C37150EDAD}\MpKslc380be54.sys (.not file.)

O41 - Driver: (MpKslc5beb97f) . (.Microsoft Corporation - KSLDriver.) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{D653EF46-9CE0-445E-AB6B-24EF4588DB08}\MpKslc5beb97f.sys

O41 - Driver: (MpKsld2d7d400) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5AC1D08C-71FF-426E-B7B0-4518D6E10500}\MpKsld2d7d400.sys (.not file.)

O41 - Driver: (MpKsld3c648d7) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{15B30FA0-2E06-4999-9351-66C37150EDAD}\MpKsld3c648d7.sys (.not file.)

O41 - Driver: (MpKsle761210b) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8F0134EE-93F4-4D17-9B3F-60CB6DD7EE45}\MpKsle761210b.sys (.not file.)

O41 - Driver: (MpKslfdcc348c) . (. - .) - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{79A2899B-1775-4AB8-ABE0-1EC13EAFDB28}\MpKslfdcc348c.sys (.not file.)

O41 - Driver: (MRxSmb) . (.Microsoft Corporation - Windows NT SMB Minirdr.) - C:\WINDOWS\System32\DRIVERS\mrxsmb.sys

O41 - Driver: (NetBIOS) . (.Microsoft Corporation - NetBIOS interface driver.) - C:\WINDOWS\System32\DRIVERS\netbios.sys

O41 - Driver: (NetBT) . (.Microsoft Corporation - MBT Transport driver.) - C:\WINDOWS\System32\DRIVERS\netbt.sys

O41 - Driver: (OsaFsLoc) . (.OSA Technologies - Filesystem Lock driver.) - C:\WINDOWS\system32\drivers\OsaFsLoc.sys

O41 - Driver: (RasAcd) . (.Microsoft Corporation - RAS Automatic Connection Driver.) - C:\WINDOWS\System32\DRIVERS\rasacd.sys

O41 - Driver: (Rdbss) . (.Microsoft Corporation - Redirected Drive Buffering SubSystem Driver.) - C:\WINDOWS\System32\DRIVERS\rdbss.sys

O41 - Driver: (RDPCDD) . (.Microsoft Corporation - RDP Miniport.) - C:\WINDOWS\System32\DRIVERS\RDPCDD.sys

O41 - Driver: (redbook) . (.Microsoft Corporation - Pilote de filtre audio Livre rouge.) - C:\WINDOWS\System32\DRIVERS\redbook.sys

O41 - Driver: (Tcpip) . (.Microsoft Corporation - TCP/IP Protocol Driver.) - C:\WINDOWS\System32\DRIVERS\tcpip.sys

O41 - Driver: (TermDD) . (.Microsoft Corporation - Terminal Server Driver.) - C:\WINDOWS\System32\DRIVERS\termdd.sys

O41 - Driver: Carte vidéo VGA. (VgaSave) . (.Microsoft Corporation - VGA/Super VGA Video Driver.) - C:\WINDOWS\system32\drivers\vga.sys

O41 - Driver: (WmiAcpi) . (.Microsoft Corporation - Windows Management Interface for ACPI.) - C:\WINDOWS\System32\DRIVERS\wmiacpi.sys

 

 

 

---\\ Logiciels installés (O42)

O42 - Logiciel: Acer Empowering Technology framework - (.Acer Inc..) [HKLM] -- InstallShield_{15B70821-7893-4607-805A-BB80F3EA8279}

O42 - Logiciel: Acer Screensaver - (.acer.) [HKLM] -- {D458BBDC-0363-42E0-8FF9-4736E3CB3CA2}

O42 - Logiciel: Acer eDataSecurity Management 1.00.26 - (.Acer.) [HKLM] -- {E431C518-2EE2-471E-9234-BE995C36D513}

O42 - Logiciel: Acer eLock Management - (.Acer Inc..) [HKLM] -- InstallShield_{6CA897D0-67F5-4F75-8261-DC8BFCA6DA42}

O42 - Logiciel: Acer eNet Management - (.Pas de propriétaire.) [HKLM] -- {C06554A1-2C1E-4D20-B613-EE62C79927CC}

O42 - Logiciel: Acer ePerformance Management - (.Acer Inc..) [HKLM] -- InstallShield_{DEE08946-40F0-4890-853E-60A6C3306041}

O42 - Logiciel: Acer ePower Management - (.Pas de propriétaire.) [HKLM] -- {58E5844B-7CE2-413D-83D1-99294BF6C74F}

O42 - Logiciel: Acer eSettings Management - (.Acer Inc..) [HKLM] -- InstallShield_{E38BC648-883B-4EE5-966C-94C4B7AB3E0B}

O42 - Logiciel: Adobe Acrobat 6.0.1 Professional - (.Adobe Systems.) [HKLM] -- {AC76BA86-1033-0000-7760-000000000001}

O42 - Logiciel: Adobe Anchor Service CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {90176341-0A8B-4CCC-A78D-F862228A6B95}

O42 - Logiciel: Adobe Asset Services CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}

O42 - Logiciel: Adobe Atmosphere Player for Acrobat and Adobe Reader - (.Pas de propriétaire.) [HKLM] -- Adobe Atmosphere Player

O42 - Logiciel: Adobe Bridge CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {9C9824D9-9000-4373-A6A5-D0E5D4831394}

O42 - Logiciel: Adobe Bridge Start Meeting - (.Adobe Systems Incorporated.) [HKLM] -- {08B32819-6EEF-4057-AEDA-5AB681A36A23}

O42 - Logiciel: Adobe CMaps - (.Adobe Systems Incorporated.) [HKLM] -- {A2B242BD-FF8D-4840-9DAA-9170EABEC59C}

O42 - Logiciel: Adobe Camera Raw 4.0 - (.Adobe Systems Incorporated.) [HKLM] -- {B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}

O42 - Logiciel: Adobe Color Common Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}

O42 - Logiciel: Adobe Color EU Recommended Settings - (.Adobe Systems Incorporated.) [HKLM] -- {73B5D990-04EA-4751-B10F-5534770B91F2}

O42 - Logiciel: Adobe Color JA Extra Settings - (.Adobe Systems Incorporated.) [HKLM] -- {DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}

O42 - Logiciel: Adobe Color NA Extra Settings - (.Adobe Systems Incorporated.) [HKLM] -- {FF29A7E2-FF40-4D07-B7E4-2093DE59E10A}

O42 - Logiciel: Adobe Default Language CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {B9B35331-B7E4-4E5C-BF4C-7BC87856124D}

O42 - Logiciel: Adobe Device Central CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {8D2BA474-F406-4710-9AE4-D4F22D21F0DD}

O42 - Logiciel: Adobe ExtendScript Toolkit 2 - (.Adobe Systems Incorporated.) [HKLM] -- {C2D69781-F392-4118-A5A7-C7E9C38DBFC2}

O42 - Logiciel: Adobe Flash Player 10 ActiveX - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player ActiveX

O42 - Logiciel: Adobe Flash Player 10 Plugin - (.Adobe Systems Incorporated.) [HKLM] -- Adobe Flash Player Plugin

O42 - Logiciel: Adobe Fonts All - (.Adobe Systems Incorporated.) [HKLM] -- {6ABE0BEE-D572-4FE8-B434-9E72A289431B}

O42 - Logiciel: Adobe Help Viewer CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {7ACFB90E-8FD0-4397-AD3A-5195412623A3}

O42 - Logiciel: Adobe Illustrator CS3 - (.Adobe Systems Incorporated.) [HKLM] -- Adobe_e21d2df5563f0bf421cf2cc5ec26c42

O42 - Logiciel: Adobe Illustrator CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {6E08CE13-C2AB-4749-9335-5900B958929E}

O42 - Logiciel: Adobe Linguistics CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {54793AA1-5001-42F4-ABB6-C364617C6078}

O42 - Logiciel: Adobe PDF Library Files - (.Adobe Systems Incorporated.) [HKLM] -- {D2559B88-CC9D-4B48-81BB-F492BAA9C48C}

O42 - Logiciel: Adobe Photoshop CS - (.Adobe Systems, Inc..) [HKLM] -- {EFB21DE7-8C19-4A88-BB28-A766E16493BC}

O42 - Logiciel: Adobe SVG Viewer 3.0 - (.Adobe Systems, Inc..) [HKLM] -- Adobe SVG Viewer

O42 - Logiciel: Adobe Setup - (.Adobe Systems Incorporated.) [HKLM] -- {CE67DBBB-2ED0-4F35-B482-0CFE4CFC1570}

O42 - Logiciel: Adobe Stock Photos CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {29E5EA97-5F74-4A57-B8B2-D4F169117183}

O42 - Logiciel: Adobe Type Support - (.Adobe Systems Incorporated.) [HKLM] -- {8E6808E2-613D-4FCD-81A2-6C8FA8E03312}

O42 - Logiciel: Adobe Update Manager CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {E69AE897-9E0B-485C-8552-7841F48D42D8}

O42 - Logiciel: Adobe Version Cue CS3 Client - (.Adobe Systems Incorporated.) [HKLM] -- {D0DFF92A-492E-4C40-B862-A74A173C25C5}

O42 - Logiciel: Adobe WinSoft Linguistics Plugin - (.Adobe Systems Incorporated.) [HKLM] -- {184CE391-7E0E-4C63-9935-D7A10EDFD3C6}

O42 - Logiciel: Adobe XMP Panels CS3 - (.Adobe Systems Incorporated.) [HKLM] -- {D5A31AB1-345D-47C7-A87B-036A669F6DF1}

O42 - Logiciel: ArcGIS ArcInfo Workstation - (.Environmental Systems Research Institute, Inc..) [HKLM] -- {2B0AEAE7-6EF2-4642-8F95-DDBC9B72721D}

O42 - Logiciel: ArcGIS Crystal Report Wizard - (.<no manufacturer>.) [HKLM] -- {15FB6880-728F-4DF6-BEBB-046302A8E25A}

O42 - Logiciel: ArcGIS Desktop - (.Environmental Systems Research Institute, Inc..) [HKLM] -- ArcGIS Desktop

O42 - Logiciel: ArcGIS License Manager - (.Pas de propriétaire.) [HKLM] -- ArcGIS License Manager

O42 - Logiciel: ArcSoft Print Creations - (.ArcSoft.) [HKLM] -- {CAE8A0F1-B498-4C23-95FA-55047E730C8F}

O42 - Logiciel: ArcSoft Print Creations - Album Page - (.ArcSoft.) [HKLM] -- {E6B4117F-AC59-4B13-9274-EB136E8897EE}

O42 - Logiciel: ArcSoft Print Creations - Funhouse - (.ArcSoft.) [HKLM] -- {9591C049-5CAE-4E89-A8D9-191F1899628B}

O42 - Logiciel: ArcSoft Print Creations - Greeting Card - (.ArcSoft.) [HKLM] -- {F04F9557-81A9-4293-BC49-2C216FA325A7}

O42 - Logiciel: ArcSoft Print Creations - Photo Book - (.ArcSoft.) [HKLM] -- {56589DFE-0C29-4DFE-8E42-887B771ECD23}

O42 - Logiciel: ArcSoft Print Creations - Photo Calendar - (.ArcSoft.) [HKLM] -- {CA9ED5E4-1548-485B-A293-417840060158}

O42 - Logiciel: ArcSoft Print Creations - Scrapbook - (.ArcSoft.) [HKLM] -- {B0D83FCD-9D42-43ED-8315-250326AADA02}

O42 - Logiciel: ArcSoft Print Creations - Slimline Card - (.ArcSoft.) [HKLM] -- {007B37D9-0C45-4202-834B-DD5FAAE99D63}

O42 - Logiciel: Assistant de connexion Windows Live - (.Microsoft Corporation.) [HKLM] -- {DCE8CD14-FBF5-4464-B9A4-E18E473546C7}

O42 - Logiciel: AutoCAD 2004 - (.Autodesk.) [HKLM] -- {5783F2D7-0201-040C-0002-0060B0CE6BBA}

O42 - Logiciel: AutoCAD 2008 - Français - (.Autodesk.) [HKLM] -- AutoCAD 2008 - Français

O42 - Logiciel: AutoCAD Express Tools Volumes 1-9 - (.Autodesk.) [HKLM] -- {5783F2D7-0211-0409-0000-0060B0CE6BBA}

O42 - Logiciel: Autodesk DWF Viewer 7 - (.Autodesk, Inc..) [HKLM] -- {9A346205-EA92-4406-B1AB-50379DA3F057}

O42 - Logiciel: Autodesk Express Viewer - (.Autodesk, Inc..) [HKLM] -- Autodesk Express Viewer

O42 - Logiciel: Bank 4.8 - (.Pas de propriétaire.) [HKLM] -- Bank

O42 - Logiciel: Bouml 4.21 - (.Bruno Pagès.) [HKLM] -- Bouml_is1

O42 - Logiciel: CCleaner - (.Piriform.) [HKLM] -- CCleaner

O42 - Logiciel: CDBurnerXP - (.CDBurnerXP.) [HKLM] -- {7E265513-8CDA-4631-B696-F40D983F3B07}_is1

O42 - Logiciel: Canvas 6 - (.Pas de propriétaire.) [HKLM] -- Canvas 6

O42 - Logiciel: ChronoMap - (.Pas de propriétaire.) [HKLM] -- {22E29C20-4ACB-11D5-8A86-0080C8D48B69}

O42 - Logiciel: ChronoVia - (.Pas de propriétaire.) [HKLM] -- {15193176-4ADA-11D5-8A86-0080C8D48B69}

O42 - Logiciel: ConTEXT - (.Eden Kirin.) [HKLM] -- ConTEXTEditor_is1

O42 - Logiciel: Covadis Topo 2004 - (.Pas de propriétaire.) [HKLM] -- Covadis Topo 2004

O42 - Logiciel: DWG TrueView 2010 - (.Autodesk.) [HKLM] -- DWG TrueView 2010

O42 - Logiciel: Data Access Objects (DAO) 3.5 - (.Pas de propriétaire.) [HKLM] -- DAO 3.5

O42 - Logiciel: DataLink DL01 v2.0 - (.Pas de propriétaire.) [HKLM] -- {24204140-0A0B-11D4-A0FA-0080C845E265}

O42 - Logiciel: Defraggler - (.Piriform.) [HKLM] -- Defraggler

O42 - Logiciel: ECW Compressor 2.2 - (.Pas de propriétaire.) [HKLM] -- ECW Compressor 2.2

O42 - Logiciel: FAOCLIM 2 - (.Pas de propriétaire.) [HKLM] -- FAOCLIM 2

O42 - Logiciel: FastStone Capture 5.3 (French) - (.FastStone Soft.) [HKLM] -- FastStone Capture

O42 - Logiciel: Filzip 3.06 - (.Philipp Engel.) [HKLM] -- Filzip 3.0.6.93_is1

O42 - Logiciel: FinePixViewer Resource - (.FUJIFILM Corporation.) [HKLM] -- {B44529FF-501E-47CD-A06D-223C161BE058}

O42 - Logiciel: FinePixViewer Ver.5.5 - (.FUJIFILM Corporation.) [HKLM] -- {24ED4D80-8294-11D5-96CD-0040266301AD}

O42 - Logiciel: FinePixViewer YTUPL - (.FUJIFILM Corporation.) [HKLM] -- {65EB09A3-993B-401E-8936-C9708CBFAB26}

O42 - Logiciel: Free Window Registry Repair - (.Pas de propriétaire.) [HKLM] -- Free Window Registry Repair

O42 - Logiciel: GIMP 2.6.8 - (.Pas de propriétaire.) [HKLM] -- WinGimp-2.0_is1

O42 - Logiciel: Galerie de photos Windows Live - (.Microsoft Corporation.) [HKLM] -- {B131E59D-202C-43C6-84C9-68F0C37541F1}

O42 - Logiciel: Garmin Trip and Waypoint Manager v5 - (.Garmin Ltd or its subsidiaries.) [HKLM] -- {414A373B-59DF-4102-94CA-9FE9A74CBDDA}

O42 - Logiciel: GemMaster Mystic - (.Pas de propriétaire.) [HKLM] -- 99A88D57-2C93-491B-87B8-E41A870FB6BE

O42 - Logiciel: GeoContext for FAOCLIM 2 - (.Pas de propriétaire.) [HKLM] -- GeoContext for FAOCLIM 2

O42 - Logiciel: Glary Utilities 2.31.0.1098 - (.Glarysoft Ltd.) [HKLM] -- Glary Utilities_is1

O42 - Logiciel: Google Chrome - (.Google Inc..) [HKCU] -- Google Chrome

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {18455581-E099-4BA8-BC6B-F34B2F06600C}

O42 - Logiciel: Google Toolbar for Internet Explorer - (.Google Inc..) [HKLM] -- {2318C2B1-4965-11d4-9B18-009027A5CD4F}

O42 - Logiciel: Google Update Helper - (.Google Inc..) [HKLM] -- {A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}

O42 - Logiciel: Google Earth - (.Google.) [HKLM] -- {4286E640-B5FB-11DF-AC4B-005056C00008}

O42 - Logiciel: HDAUDIO Soft Data Fax Modem with SmartCP - (.Pas de propriétaire.) [HKLM] -- CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBSYS_1025007F

O42 - Logiciel: HP Customer Participation Program 7.0 - (.HP.) [HKLM] -- HPExtendedCapabilities

O42 - Logiciel: HP Imaging Device Functions 7.0 - (.HP.) [HKLM] -- HP Imaging Device Functions

O42 - Logiciel: HP Photosmart Essential - (.HP.) [HKLM] -- {6994491D-D491-48F1-AE1F-E179C1FFFC2F}

O42 - Logiciel: HP Photosmart, Officejet and Deskjet 7.0.A - (.HP.) [HKLM] -- {BDBE2F3E-42DB-4d4a-8CB1-19BA765DBC6C}

O42 - Logiciel: HP Software Update - (.Hewlett-Packard.) [HKLM] -- {BB85ED9C-AFC9-43BD-B8DC-258C3C7DF72E}

O42 - Logiciel: HP Solution Center 7.0 - (.HP.) [HKLM] -- HP Solution Center & Imaging Support Tools

O42 - Logiciel: High Definition Audio Driver Package - KB888111 - (.Microsoft Corporation.) [HKLM] -- KB888111WXPSP2

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB953595

O42 - Logiciel: Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB958484

O42 - Logiciel: Hotfix for Windows Media Format 11 SDK (KB929399) - (.Microsoft Corporation.) [HKLM] -- KB929399

O42 - Logiciel: Hotfix for Windows Media Player 10 (KB903157) - (.Microsoft Corporation.) [HKLM] -- KB903157

O42 - Logiciel: Hotfix for Windows XP (KB954550-v5) - (.Microsoft Corporation.) [HKLM] -- KB954550-v5

O42 - Logiciel: Hotfix for Windows XP (KB976002-v5) - (.Microsoft Corporation.) [HKLM] -- KB976002-v5

O42 - Logiciel: IncrediMail - (.IncrediMail.) [HKLM] -- {5E97F3BD-CDDC-4188-9D98-532E14FABB5D}

O42 - Logiciel: IncrediMail 2.0 - (.IncrediMail Ltd..) [HKLM] -- IncrediMail

O42 - Logiciel: Informix - (.Pas de propriétaire.) [HKLM] -- Informix

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- WinLiveSuite_Wave3

O42 - Logiciel: Installation Windows Live - (.Microsoft Corporation.) [HKLM] -- {46ABBC54-1872-4AA3-95E2-F2C063A63F31}

O42 - Logiciel: Java DB 10.4.2.1 - (.Sun Microsystems, Inc.) [HKLM] -- {926C96FB-9D0A-4504-8000-C6D3A4A3118E}

O42 - Logiciel: Java 6 Update 24 - (.Sun Microsystems, Inc..) [HKLM] -- {26A24AE4-039D-4CA4-87B4-2F83216019FF}

O42 - Logiciel: Java SE Development Kit 6 Update 17 - (.Sun Microsystems, Inc..) [HKLM] -- {32A3A4F4-B792-11D6-A78A-00B0D0160170}

O42 - Logiciel: Junk Mail filter update - (.Microsoft Corporation.) [HKLM] -- {E2DFE069-083E-4631-9B6C-43C48E991DE5}

O42 - Logiciel: Khi3 - Universal Scientific Calculator - (.Joël Ollivier.) [HKLM] -- {86830DEC-C5E5-43AC-B5ED-2680D5C04BCF}

O42 - Logiciel: Lecteur Windows Media 11 - (.Pas de propriétaire.) [HKLM] -- Windows Media Player

O42 - Logiciel: Logiciel Intel® PROSet/Wireless - (.Intel Corporation.) [HKLM] -- ProInst

O42 - Logiciel: MARALITe ver 3.2 - (.Medical Research Council.) [HKLM] -- MARALITe_is1

O42 - Logiciel: MSN - (.Pas de propriétaire.) [HKLM] -- MSNINST

O42 - Logiciel: MSVCRT - (.Microsoft.) [HKLM] -- {22B775E7-6C42-4FC5-8E10-9A5E3257BD94}

O42 - Logiciel: MSXML 4.0 SP2 (KB954430) - (.Microsoft Corporation.) [HKLM] -- {86493ADD-824D-4B8E-BD72-8C5DCDC52A71}

O42 - Logiciel: MSXML 4.0 SP2 (KB973688) - (.Microsoft Corporation.) [HKLM] -- {F662A8E6-F4DC-41A2-901E-8C11F044BDEC}

O42 - Logiciel: MSXML 6.0 Parser (KB925673) - (.Microsoft Corporation.) [HKLM] -- {FE9126DB-5F84-495A-BB46-3C724F1C2D08}

O42 - Logiciel: Malwarebytes' Anti-Malware version 1.51.1.1800 - (.Malwarebytes Corporation.) [HKLM] -- Malwarebytes' Anti-Malware_is1

O42 - Logiciel: Malwarebytes' RogueRemover - (.Malwarebytes.) [HKLM] -- Malwarebytes' RogueRemover FREE_is1

O42 - Logiciel: MapImagery - (.Pas de propriétaire.) [HKLM] -- MapImagery

O42 - Logiciel: MapInfo Line Style Editor 2.0 - (.Pas de propriétaire.) [HKLM] -- MapInfo Line Style Editor

O42 - Logiciel: MapInfo MDAC-DAO-ODBC 7.0 - (.Pas de propriétaire.) [HKLM] -- {B8E1C308-6043-46E5-AE7D-422EBD35DAA3}

O42 - Logiciel: MapInfo ProViewer 5.0 - (.Pas de propriétaire.) [HKLM] -- MapInfoProViewer50

O42 - Logiciel: MapInfo Professional 7.8 - (.MapInfo Corporation.) [HKLM] -- {CD9B92AD-F5F8-4C4D-9341-4D9B1BD5A8C0}

O42 - Logiciel: MapInfo Professional® - Jeu de données - (.Pas de propriétaire.) [HKLM] -- MapInfo Professional® - Jeu de données

O42 - Logiciel: Micro Application - MediaDICO 12 - (.Pas de propriétaire.) [HKLM] -- MediaDICO12

O42 - Logiciel: Microsoft .NET Framework 1.0 Hotfix (KB953295) - (.Microsoft Corporation.) [HKLM] -- KB953295

O42 - Logiciel: Microsoft .NET Framework 1.0 Hotfix (KB979904) - (.Microsoft Corporation.) [HKLM] -- KB979904

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Microsoft.) [HKLM] -- {CB2F7EDD-9D1F-43C1-90FC-4F52EAE172A1}

O42 - Logiciel: Microsoft .NET Framework 1.1 - (.Pas de propriétaire.) [HKLM] -- Microsoft .NET Framework 1.1 (1033)

O42 - Logiciel: Microsoft .NET Framework 1.1 French Language Pack - (.Microsoft.) [HKLM] -- {9A394342-4A68-4EBA-85A6-55B559F4E700}

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB2416447) - (.Pas de propriétaire.) [HKLM] -- M2416447

O42 - Logiciel: Microsoft .NET Framework 1.1 Security Update (KB979906) - (.Pas de propriétaire.) [HKLM] -- M979906

O42 - Logiciel: Microsoft .NET Framework 2.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}

O42 - Logiciel: Microsoft .NET Framework 3.0 French Language Pack - (.Microsoft Corporation.) [HKLM] -- {E3C080B0-23F5-49AF-89F8-8E8DBC89E659}

O42 - Logiciel: Microsoft .NET Framework 3.0 Service Pack 2 - (.Microsoft Corporation.) [HKLM] -- {A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.5 SP1

O42 - Logiciel: Microsoft .NET Framework 3.5 SP1 - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}

O42 - Logiciel: Microsoft Antimalware - (.Microsoft Corporation.) [HKLM] -- {774088D4-0777-4D78-904D-E435B318F5D2}

O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {0450B7B0-AC71-44A4-AB40-4DD678DF3A8C}

O42 - Logiciel: Microsoft Antimalware Service FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {A4526B5A-89C0-4F4B-9E6E-4F883374D5F9}

O42 - Logiciel: Microsoft Choice Guard - (.Microsoft Corporation.) [HKLM] -- {F0E12BBA-AD66-4022-A453-A1C8A0C4D570}

O42 - Logiciel: Microsoft Compression Client Pack 1.0 for Windows XP - (.Microsoft Corporation.) [HKLM] -- MSCompPackV1

O42 - Logiciel: Microsoft Office File Validation Add-In - (.Microsoft Corporation.) [HKLM] -- {90140000-2005-0000-0000-0000000FF1CE}

O42 - Logiciel: Microsoft Office FrontPage 2003 - (.Microsoft Corporation.) [HKLM] -- {9017040C-6000-11D3-8CFE-0150048383C9}

O42 - Logiciel: Microsoft Office Live Add-in 1.3 - (.Microsoft Corporation.) [HKLM] -- {57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}

O42 - Logiciel: Microsoft Office OneNote 2003 - (.Microsoft Corporation.) [HKLM] -- {90A1040C-6000-11D3-8CFE-0150048383C9}

O42 - Logiciel: Microsoft Office Professional Edition 2003 - (.Microsoft Corporation.) [HKLM] -- {9011040C-6000-11D3-8CFE-0150048383C9}

O42 - Logiciel: Microsoft Office Project Professional 2003 - (.Microsoft Corporation.) [HKLM] -- {903B040C-6000-11D3-8CFE-0150048383C9}

O42 - Logiciel: Microsoft Office Visio Professional 2003 - (.Microsoft Corporation.) [HKLM] -- {9051040C-6000-11D3-8CFE-0150048383C9}

O42 - Logiciel: Microsoft SQL Server 2005 Compact Edition [ENU] - (.Microsoft Corporation.) [HKLM] -- {F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}

O42 - Logiciel: Microsoft Search Enhancement Pack - (.Microsoft Corporation.) [HKLM] -- {4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}

O42 - Logiciel: Microsoft Security Client - (.Microsoft Corporation.) [HKLM] -- {77A776C4-D10F-416D-88F0-53F2D9DCD9B3}

O42 - Logiciel: Microsoft Security Client FR-FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {859B9BCA-5376-4566-9F88-C6C9DAA7A925}

O42 - Logiciel: Microsoft Security Essentials - (.Microsoft Corporation.) [HKLM] -- Microsoft Security Client

O42 - Logiciel: Microsoft Silverlight - (.Microsoft Corporation.) [HKLM] -- {89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}

O42 - Logiciel: Microsoft Sync Framework Runtime Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {8A74E887-8F0F-4017-AF53-CBA42211AAA5}

O42 - Logiciel: Microsoft Sync Framework Services Native v1.0 (x86) - (.Microsoft Corporation.) [HKLM] -- {BD64AF4A-8C80-4152-AD77-FCDDF05208AB}

O42 - Logiciel: Microsoft User-Mode Driver Framework Feature Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- Wudf01000

O42 - Logiciel: Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 - (.Microsoft Corporation.) [HKLM] -- {86CE85E6-DBAC-3FFD-B977-E4B79F83C909}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 - (.Microsoft Corporation.) [HKLM] -- {9A25302D-30C0-39D9-BD6F-21E6EC160475}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 - (.Microsoft Corporation.) [HKLM] -- {1F1C2DFC-2D24-3E06-BCB8-725134ADF989}

O42 - Logiciel: Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 - (.Microsoft Corporation.) [HKLM] -- {9BE518E6-ECC6-35A9-88E4-87755C07200F}

O42 - Logiciel: Module de compatibilité pour Microsoft Office System 2007 - (.Microsoft Corporation.) [HKLM] -- {90120000-0020-040C-0000-0000000FF1CE}

O42 - Logiciel: Module de prise en charge linguistique de Microsoft .NET Framework 2.0 - FRA - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 2.0 Language Pack - FRA

O42 - Logiciel: Module de prise en charge linguistique du français de Microsoft .NET Framework 3.0 - (.Microsoft Corporation.) [HKLM] -- Microsoft .NET Framework 3.0 French Language Pack

O42 - Logiciel: Mozilla Firefox (3.6.18) - (.Mozilla.) [HKLM] -- Mozilla Firefox (3.6.18)

O42 - Logiciel: NTI Backup NOW! 4.5 - (.NewTech Infosystems.) [HKLM] -- {B06B842F-2450-494F-BBDE-217CDC151A37}

O42 - Logiciel: NTI CD & DVD-Maker - (.NewTech Infosystems.) [HKLM] -- InstallShield_{1577A05B-EE62-4BBC-9DB7-FE748FA44EC2}

O42 - Logiciel: New_LocClim - (.FAO of the UN and GPCC at DWD.) [HKLM] -- New_LocClim

O42 - Logiciel: NirSoft BlueScreenView - (.Pas de propriétaire.) [HKLM] -- NirSoft BlueScreenView

O42 - Logiciel: Notification de cadeaux MSN - (.Microsoft.) [HKCU] -- Notification de cadeaux MSN

O42 - Logiciel: OCR Software by I.R.I.S 7.0 - (.HP.) [HKLM] -- HPOCR

O42 - Logiciel: OpenOffice.org 3.3 - (.OpenOffice.org.) [HKLM] -- {7E0610A2-E336-40B3-B685-C4905E97EC9A}

O42 - Logiciel: Otto - (.Pas de propriétaire.) [HKLM] -- 0D20D36D-A11C-444c-9AF7-70CBFED42ECF

O42 - Logiciel: Outil de téléchargement Windows Live - (.Microsoft Corporation.) [HKLM] -- {205C6BDD-7B73-42DE-8505-9A093F35A238}

O42 - Logiciel: PDF Settings - (.Adobe Systems Incorporated.) [HKLM] -- {AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}

O42 - Logiciel: PL-2303 USB-to-Serial - (.Pas de propriétaire.) [HKLM] -- {ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}

O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpmdm) Modem (12/06/2005 2.4.0) - (.MobileTop.) [HKLM] -- 6F20211A07D2A216859CBC3248BDE3B338E543E0

O42 - Logiciel: Package de pilotes Windows - MobileTop (sshpusb) USB (12/06/2005 2.4.0) - (.MobileTop.) [HKLM] -- 09DA5A1E4E89D27A472F4075BFB98DE53AFE5769

O42 - Logiciel: PhoneSuite - (.Pas de propriétaire.) [HKLM] -- PhoneSuite

O42 - Logiciel: PowerDVD - (.CyberLink Corporation.) [HKLM] -- {6811CAA0-BF12-11D4-9EA1-0050BAE317E1}

O42 - Logiciel: PowerProducer - (.Pas de propriétaire.) [HKLM] -- {B7A0CE06-068E-11D6-97FD-0050BACBF861}

O42 - Logiciel: Python 2.5 numpy-1.0.3 - (.Pas de propriétaire.) [HKLM] -- Python 2.5 numpy-1.0.3

O42 - Logiciel: Python 2.5 pywin32-210 - (.Pas de propriétaire.) [HKLM] -- pywin32-py2.5

O42 - Logiciel: Python 2.5.1 - (.Pas de propriétaire.) [HKLM] -- Python 2.5.1

O42 - Logiciel: Python 2.6.1 - (.Python Software Foundation.) [HKLM] -- {9cc89170-000b-457d-91f1-53691f85b223}

O42 - Logiciel: QuickTime - (.Apple Inc..) [HKLM] -- {08CA9554-B5FE-4313-938F-D4A417B81175}

O42 - Logiciel: Realtek High Definition Audio Driver - (.Realtek Semiconductor Corp..) [HKLM] -- {F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}

O42 - Logiciel: Revo Uninstaller 1.83 - (.VS Revo Group.) [HKLM] -- Revo Uninstaller

O42 - Logiciel: SAMSUNG CDMA Modem Driver Set - (.Pas de propriétaire.) [HKLM] -- SAMSUNG CDMA Modem

O42 - Logiciel: SafeCast Shared Components - (.Macrovision.) [HKLM] -- CdaC13Ba

O42 - Logiciel: Samsung PC Studio 5 - (.Samsung Electronics Co., Ltd..) [HKLM] -- {2B518DF9-4963-4AC7-9250-0EA6154D0AC6}

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- KB931906

O42 - Logiciel: Security Update for CAPICOM (KB931906) - (.Microsoft Corporation.) [HKLM] -- {0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A}

O42 - Logiciel: Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB2416473

O42 - Logiciel: Segoe UI - (.Microsoft Corp.) [HKLM] -- {A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}

O42 - Logiciel: Sentinel Protection Installer 7.2.2 - (.SafeNet, Inc..) [HKLM] -- {6DC0632A-A838-4B34-AC19-0FA18E1C533C}

O42 - Logiciel: Solstice - (.Pas de propriétaire.) [HKLM] -- {FD3D23B6-3428-492F-BE99-645E6824E8B8}

O42 - Logiciel: Sonic Encoders - (.Sonic Solutions.) [HKLM] -- {9941F0AA-B903-4AF4-A055-83A9815CC011}

O42 - Logiciel: Spelling Dictionaries Support For Adobe Reader 9 - (.Adobe Systems Incorporated.) [HKLM] -- {AC76BA86-7AD7-5464-3428-900000000004}

O42 - Logiciel: Support DBMS MapInfo - (.Pas de propriétaire.) [HKLM] -- {FE988A05-B29E-4FB7-AD46-2A0BBC6AA02A}

O42 - Logiciel: Synaptics Pointing Device Driver - (.Synaptics.) [HKLM] -- SynTPDeinstKey

O42 - Logiciel: Update for Microsoft .NET Framework 3.5 SP1 (KB963707) - (.Microsoft Corporation.) [HKLM] -- {CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707

O42 - Logiciel: VLC media player 1.0.5 - (.VideoLAN Team.) [HKLM] -- VLC media player

O42 - Logiciel: Vertical Mapper 2.6 - (.Pas de propriétaire.) [HKLM] -- {97042B20-E491-11D3-96D4-00105A111647}

O42 - Logiciel: WampServer 2.0 - (.Romain Bourdon (Roms).) [HKLM] -- WampServer 2_is1

O42 - Logiciel: Windows Genuine Advantage Validation Tool (KB892130) - (.Microsoft Corporation.) [HKLM] -- KB892130

O42 - Logiciel: Windows Internet Explorer 8 - (.Microsoft Corporation.) [HKLM] -- ie8

O42 - Logiciel: Windows Live Call - (.Microsoft Corporation.) [HKLM] -- {82C7B308-0BDD-49D8-8EA5-9CD3A3F9DF41}

O42 - Logiciel: Windows Live Communications Platform - (.Microsoft Corporation.) [HKLM] -- {3B4E636E-9D65-4D67-BA61-189800823F52}

O42 - Logiciel: Windows Live FolderShare - (.Microsoft Corporation.) [HKLM] -- {2075CB0A-D26F-4DAA-B424-5079296B43BA}

O42 - Logiciel: Windows Live Mail - (.Microsoft Corporation.) [HKLM] -- {5DD76286-9BE7-4894-A990-E905E91AC818}

O42 - Logiciel: Windows Live Messenger - (.Microsoft Corporation.) [HKLM] -- {770F1BEC-2871-4E70-B837-FB8525FFA3B1}

O42 - Logiciel: Windows Live Toolbar - (.Microsoft Corporation.) [HKLM] -- {F7D27C70-90F5-49B9-B188-0A133C0CE353}

O42 - Logiciel: Windows Live Writer - (.Microsoft Corporation.) [HKLM] -- {4634B21A-CC07-4396-890C-2B8168661FEA}

O42 - Logiciel: Windows Media Format 11 runtime - (.Microsoft Corporation.) [HKLM] -- WMFDist11

O42 - Logiciel: Windows Media Format 11 runtime - (.Pas de propriétaire.) [HKLM] -- Windows Media Format Runtime

O42 - Logiciel: Windows Media Player 11 - (.Microsoft Corporation.) [HKLM] -- wmp11

O42 - Logiciel: Windows Presentation Foundation - (.Microsoft Corporation.) [HKLM] -- {BAF78226-3200-4DB4-BE33-4D922A799840}

O42 - Logiciel: Windows Presentation Foundation Language Pack (FRA) - (.Microsoft Corporation.) [HKLM] -- {6901DD22-527A-41EF-9059-E81FEDE9E494}

O42 - Logiciel: Windows Workflow Foundation FR Language Pack - (.Microsoft Corporation.) [HKLM] -- {B84C141C-9A13-44BE-9A69-301D7B11D836}

O42 - Logiciel: Windows XP Media Center Edition 2005 KB2502898 - (.Microsoft Corporation.) [HKLM] -- KB2502898

O42 - Logiciel: Windows XP Media Center Edition 2005 KB925766 - (.Microsoft Corporation.) [HKLM] -- KB925766

O42 - Logiciel: Windows XP Media Center Edition 2005 KB973768 - (.Microsoft Corporation.) [HKLM] -- KB973768

O42 - Logiciel: Windows XP Service Pack 3 - (.Microsoft Corporation.) [HKLM] -- Windows XP Service

O42 - Logiciel: XML Paper Specification Shared Components Language Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XPSEPSCLP

O42 - Logiciel: XML Paper Specification Shared Components Pack 1.0 - (.Microsoft Corporation.) [HKLM] -- XpsEPSC

O42 - Logiciel: Yahoo! Install Manager - (.Pas de propriétaire.) [HKLM] -- YInstHelper

O42 - Logiciel: Yahoo! Software Update - (.Pas de propriétaire.) [HKLM] -- Yahoo! Software Update

O42 - Logiciel: Yahoo! Toolbar - (.Pas de propriétaire.) [HKLM] -- Yahoo! Companion

O42 - Logiciel: doPDF 6.0 printer - (.Softland.) [HKLM] -- doPDF 6 printer_is1

O42 - Logiciel: mCore - (.Intel Corporation.) [HKLM] -- {E81667C6-2856-46D6-ABEA-6A2F42166779}

O42 - Logiciel: mMHouse - (.Intel Corporation.) [HKLM] -- {F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}

O42 - Logiciel: mPfMgr - (.Intel Corporation.) [HKLM] -- {8B928BA1-EDEC-4227-A2DA-DD83026C36F5}

O42 - Logiciel: mProSafe - (.Intel.) [HKLM] -- {23FB368F-1399-4EAC-817C-4B83ECBE3D83}

O42 - Logiciel: mWlsSafe - (.Intel.) [HKLM] -- {FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}

O42 - Logiciel: mXML - (.Intel Corporation.) [HKLM] -- {9CC89556-3578-48DD-8408-04E66EBEF401}

 

---\\ HKCU & HKLM Software Keys

[HKCU\Software\?? ?? ???? ????? ??? ?? ????]

[HKCU\Software\Acer]

[HKCU\Software\Ad-Remover]

[HKCU\Software\Adobe]

[HKCU\Software\Apple Computer, Inc.]

[HKCU\Software\ArcSoft]

[HKCU\Software\Autodesk]

[HKCU\Software\CamStudioOpenSource for Nick]

[HKCU\Software\Canneverbe Limited]

[HKCU\Software\Classes]

[HKCU\Software\Clients]

[HKCU\Software\Compal]

[HKCU\Software\CyberLink]

[HKCU\Software\Deneba]

[HKCU\Software\ESET]

[HKCU\Software\ESRI]

[HKCU\Software\Eden]

[HKCU\Software\FAO of the UN and GPCC at DWD]

[HKCU\Software\FUJIFILM]

[HKCU\Software\Filzip]

[HKCU\Software\GID]

[HKCU\Software\Gabest]

[HKCU\Software\Garmin]

[HKCU\Software\GlarySoft]

[HKCU\Software\Google]

[HKCU\Software\Hewlett-Packard]

[HKCU\Software\HookNetwork]

[HKCU\Software\IM Providers]

[HKCU\Software\IncrediMail]

[HKCU\Software\Informix]

[HKCU\Software\Intel]

[HKCU\Software\JavaSoft]

[HKCU\Software\Joshua F. Madison]

[HKCU\Software\Lake]

[HKCU\Software\Laventure]

[HKCU\Software\Local AppWizard-Generated Applications]

[HKCU\Software\METRISPENTAX]

[HKCU\Software\Macromedia]

[HKCU\Software\Malwarebytes' Anti-Malware]

[HKCU\Software\MapInfo]

[HKCU\Software\MaraLite]

[HKCU\Software\MediaTek]

[HKCU\Software\MozillaPlugins]

[HKCU\Software\Mozilla]

[HKCU\Software\NVIDIA Corporation]

[HKCU\Software\Netscape]

[HKCU\Software\NewTech Infosystems]

[HKCU\Software\Northcode Inc]

[HKCU\Software\Northwood]

[HKCU\Software\ODBC]

[HKCU\Software\OpenOffice.org]

[HKCU\Software\PC SOFT]

[HKCU\Software\Panda Software]

[HKCU\Software\Piriform]

[HKCU\Software\Policies]

[HKCU\Software\Python 2.5]

[HKCU\Software\Realtek]

[HKCU\Software\SAMSUNG]

[HKCU\Software\Safe Software Inc.]

[HKCU\Software\Seagate Software]

[HKCU\Software\Synaptics]

[HKCU\Software\Sysinternals]

[HKCU\Software\SystemSafe]

[HKCU\Software\TanaSoft]

[HKCU\Software\Usbfix]

[HKCU\Software\VB and VBA Program Settings]

[HKCU\Software\VSRevoGroup]

[HKCU\Software\WinRAR SFX]

[HKCU\Software\YahooPartnerToolbar]

[HKCU\Software\Yahoo]

[HKCU\Software\ksdev]

[HKCU\Software\nSplitter]

[HKLM\Software\Adobe Systems]

[HKLM\Software\Adobe]

[HKLM\Software\Apple Computer, Inc.]

[HKLM\Software\ArcSoft]

[HKLM\Software\Autodesk]

[HKLM\Software\BrowserChoice]

[HKLM\Software\Business Objects]

[HKLM\Software\C07ft5Y]

[HKLM\Software\CDDB]

[HKLM\Software\CXT]

[HKLM\Software\Classes]

[HKLM\Software\Clients]

[HKLM\Software\Compal]

[HKLM\Software\ConversApi]

[HKLM\Software\Convers]

[HKLM\Software\CyberLink]

[HKLM\Software\EPSON]

[HKLM\Software\ESRI]

[HKLM\Software\Earth Resource Mapping]

[HKLM\Software\Eset]

[HKLM\Software\FLEXlm License Manager]

[HKLM\Software\GID]

[HKLM\Software\Gabest]

[HKLM\Software\Garmin]

[HKLM\Software\Gemplus]

[HKLM\Software\Google]

[HKLM\Software\Géomédia]

[HKLM\Software\HP]

[HKLM\Software\HajeSoft]

[HKLM\Software\Hewlett-Packard]

[HKLM\Software\ICE]

[HKLM\Software\INTEL]

[HKLM\Software\ImInstaller]

[HKLM\Software\InstallShield]

[HKLM\Software\InstalledOptions]

[HKLM\Software\InterVideo]

[HKLM\Software\JavaRa]

[HKLM\Software\JavaSoft]

[HKLM\Software\JreMetrics]

[HKLM\Software\KODAK]

[HKLM\Software\Lake]

[HKLM\Software\LightScribe]

[HKLM\Software\MAXSOFT-OCRON]

[HKLM\Software\MCCI]

[HKLM\Software\MDC]

[HKLM\Software\Macromedia]

[HKLM\Software\Macrovision]

[HKLM\Software\Malwarebytes' Anti-Malware]

[HKLM\Software\MapInfo]

[HKLM\Software\MozillaPlugins]

[HKLM\Software\Mozilla]

[HKLM\Software\NVIDIA Corporation]

[HKLM\Software\NewTech Infosystems]

[HKLM\Software\Northwood]

[HKLM\Software\ODBC]

[HKLM\Software\OpenOffice.org]

[HKLM\Software\Panda Software]

[HKLM\Software\Piriform]

[HKLM\Software\Policies]

[HKLM\Software\Program Groups]

[HKLM\Software\Python]

[HKLM\Software\Rainbow Technologies]

[HKLM\Software\Realtek]

[HKLM\Software\RegisteredApplications]

[HKLM\Software\Safe Software Inc.]

[HKLM\Software\Safenet Sentinel]

[HKLM\Software\Safer Networking Limited]

[HKLM\Software\Samsung]

[HKLM\Software\Schlumberger]

[HKLM\Software\Seagate Software]

[HKLM\Software\Softland]

[HKLM\Software\Sonic]

[HKLM\Software\Sun Microsystems]

[HKLM\Software\Swearware]

[HKLM\Software\Synaptics]

[HKLM\Software\SystemSafe]

[HKLM\Software\Tanasoft]

[HKLM\Software\The Silicon Realms Toolworks]

[HKLM\Software\TrendMicro]

[HKLM\Software\Vantage Software Technologies]

[HKLM\Software\VideoLAN]

[HKLM\Software\WexTech Systems]

[HKLM\Software\Windows 3.1 Migration Status]

[HKLM\Software\Yahoo]

[HKLM\Software\acer]

[HKLM\Software\callas software gmbh]

[HKLM\Software\mozilla.org]

[HKLM\Software\muvee Technologies]

[HKLM\Software\nSplitter]

 

 

 

---\\ Contenu des dossiers Programs/ProgramFiles/ProgramData/AppData (O43)

O43 - CFD: 19/08/2006 - 04:30:58 - [1414067034] ----D- C:\Program Files\Fichiers communs

O43 - CFD: 19/08/2006 - 04:38:32 - [3942655] ----D- C:\Program Files\Windows NT

O43 - CFD: 19/08/2006 - 04:38:32 - [21471559] ----D- C:\Program Files\MSN

O43 - CFD: 19/08/2006 - 04:38:48 - [8745735] ----D- C:\Program Files\MSN Gaming Zone

O43 - CFD: 19/08/2006 - 04:38:50 - [2152579] ----D- C:\Program Files\Messenger

O43 - CFD: 19/08/2006 - 04:39:16 - [10949041] ----D- C:\Program Files\Movie Maker

O43 - CFD: 19/08/2006 - 04:39:26 - [41055406] ----D- C:\Program Files\Windows Plus

O43 - CFD: 19/08/2006 - 04:39:36 - [11993114] ----D- C:\Program Files\Windows Media Player

O43 - CFD: 19/08/2006 - 04:40:04 - [1712] ----D- C:\Program Files\Online Services

O43 - CFD: 19/08/2006 - 04:40:20 - [0] ----D- C:\Program Files\ComPlus Applications

O43 - CFD: 19/08/2006 - 04:41:54 - [5818328] ----D- C:\Program Files\Internet Explorer

O43 - CFD: 19/08/2006 - 04:41:58 - [4379321] ----D- C:\Program Files\Outlook Express

O43 - CFD: 19/08/2006 - 04:41:58 - [3285523] ----D- C:\Program Files\NetMeeting

O43 - CFD: 19/08/2006 - 04:42:34 - [933] ----D- C:\Program Files\Services en ligne

O43 - CFD: 19/08/2006 - 04:42:40 - [0] --H-D- C:\Program Files\WindowsUpdate

O43 - CFD: 19/08/2006 - 04:45:10 - [0] ----D- C:\Program Files\microsoft frontpage

O43 - CFD: 19/08/2006 - 04:45:10 - [0] ----D- C:\Program Files\xerox

O43 - CFD: 19/08/2006 - 04:51:42 - [9186547] ----D- C:\Program Files\Intel

O43 - CFD: 19/08/2006 - 04:56:42 - [0] --H-D- C:\Program Files\Uninstall Information

O43 - CFD: 19/08/2006 - 04:58:30 - [13378677] ----D- C:\Program Files\FrenchOtto

O43 - CFD: 19/08/2006 - 04:58:34 - [5071796] ----D- C:\Program Files\GemMasterFrench

O43 - CFD: 19/08/2006 - 05:20:26 - [63817314] --H-D- C:\Program Files\InstallShield Installation Information

O43 - CFD: 19/08/2006 - 05:20:28 - [48169367] ----D- C:\Program Files\Realtek

O43 - CFD: 19/08/2006 - 05:21:08 - [581632] ----D- C:\Program Files\CONEXANT

O43 - CFD: 19/08/2006 - 05:23:06 - [26967786] ----D- C:\Program Files\Synaptics

O43 - CFD: 19/08/2006 - 05:24:08 - [1078062] ----D- C:\Program Files\Acer Inc

O43 - CFD: 19/08/2006 - 05:24:56 - [1988019115] ----D- C:\Program Files\Adobe

O43 - CFD: 19/08/2006 - 05:26:12 - [251667816] ----D- C:\Program Files\CyberLink

O43 - CFD: 19/08/2006 - 05:31:32 - [161038521] ----D- C:\Program Files\NewTech Infosystems

O43 - CFD: 06/10/2009 - 21:28:38 - [1855720] ----D- C:\Program Files\Launch Manager

O43 - CFD: 06/10/2009 - 21:33:18 - [6576161] ----D- C:\Program Files\Yahoo!

O43 - CFD: 07/10/2009 - 18:11:58 - [465246161] ----D- C:\Program Files\MapInfo

O43 - CFD: 07/10/2009 - 18:21:18 - [54374263] ----D- C:\Program Files\ChronoVia

O43 - CFD: 07/10/2009 - 18:22:04 - [56095968] ----D- C:\Program Files\ChronoMap

O43 - CFD: 07/10/2009 - 18:23:38 - [348889] ----D- C:\Program Files\MapImagery

O43 - CFD: 07/10/2009 - 18:23:40 - [7155435] ----D- C:\Program Files\GID

O43 - CFD: 07/10/2009 - 18:25:00 - [4965656] ----D- C:\Program Files\ER Mapper

O43 - CFD: 07/10/2009 - 20:36:48 - [45027738] ----D- C:\Program Files\Autodesk

O43 - CFD: 07/10/2009 - 22:35:02 - [58090117] ----D- C:\Program Files\Canvas 6

O43 - CFD: 09/10/2009 - 06:45:12 - [3704864] ----D- C:\Program Files\CCleaner

O43 - CFD: 09/10/2009 - 17:53:38 - [0] ----D- C:\Program Files\MSXML 4.0

O43 - CFD: 09/10/2009 - 17:58:24 - [800662] ----D- C:\Program Files\Microsoft CAPICOM 2.1.0.2

O43 - CFD: 10/10/2009 - 20:27:08 - [5110865] ----D- C:\Program Files\Bank

O43 - CFD: 12/10/2009 - 22:12:14 - [286125467] ----D- C:\Program Files\Java

O43 - CFD: 15/10/2009 - 11:01:10 - [3581070] ----D- C:\Program Files\Windows Media Connect 2

O43 - CFD: 15/10/2009 - 12:52:08 - [37084929] ----D- C:\Program Files\Reference Assemblies

O43 - CFD: 15/10/2009 - 13:00:34 - [25757] ----D- C:\Program Files\MSBuild

O43 - CFD: 15/10/2009 - 13:59:38 - [109864531] ----D- C:\Program Files\Google

O43 - CFD: 15/10/2009 - 17:59:42 - [31565738] ----D- C:\Program Files\Mozilla Firefox

O43 - CFD: 16/10/2009 - 21:50:22 - [238466313] ----D- C:\Program Files\Micro Application

O43 - CFD: 16/10/2009 - 23:02:32 - [20118307] ----D- C:\Program Files\khi3

O43 - CFD: 19/10/2009 - 18:44:22 - [2745852] ----D- C:\Program Files\ConTEXT

O43 - CFD: 19/10/2009 - 18:55:16 - [10175512] ----D- C:\Program Files\DAEMON Tools Pro

O43 - CFD: 19/10/2009 - 20:12:10 - [323584] ----D- C:\Program Files\Bonjour

O43 - CFD: 23/10/2009 - 17:34:54 - [136567951] ----D- C:\Program Files\Windows Live

O43 - CFD: 23/10/2009 - 17:35:32 - [245112] ----D- C:\Program Files\Windows Live SkyDrive

O43 - CFD: 23/10/2009 - 17:36:04 - [1544075] ----D- C:\Program Files\Microsoft

O43 - CFD: 23/10/2009 - 17:38:18 - [1829877] ----D- C:\Program Files\Microsoft SQL Server Compact Edition

O43 - CFD: 23/10/2009 - 17:40:32 - [2188837] ----D- C:\Program Files\Microsoft Sync Framework

O43 - CFD: 02/11/2009 - 16:50:04 - [3239289767] ----D- C:\Program Files\ArcGIS

O43 - CFD: 02/11/2009 - 17:32:58 - [240850775] ----D- C:\Program Files\Business Objects

O43 - CFD: 03/11/2009 - 17:56:16 - [2618612] ----D- C:\Program Files\VS Revo Group

O43 - CFD: 04/11/2009 - 10:14:36 - [50002] ----D- C:\Program Files\EPSON

O43 - CFD: 10/11/2009 - 19:13:20 - [3711350] ----D- C:\Program Files\Filzip

O43 - CFD: 12/11/2009 - 17:05:28 - [38411899] ----D- C:\Program Files\Microsoft Silverlight

O43 - CFD: 19/11/2009 - 21:07:00 - [575205664] ----D- C:\Program Files\AutoCAD 2008

O43 - CFD: 20/11/2009 - 17:48:28 - [386385049] ----D- C:\Program Files\OpenOffice.org 3

O43 - CFD: 22/11/2009 - 17:27:20 - [1959852] ----D- C:\Program Files\Seagate Software

O43 - CFD: 22/11/2009 - 17:30:20 - [4952238] ----D- C:\Program Files\ER Mapper1

O43 - CFD: 02/12/2009 - 21:35:00 - [15383281] ----D- C:\Program Files\CDBurnerXP

O43 - CFD: 03/12/2009 - 18:27:00 - [1595875] ----D- C:\Program Files\Trend Micro

O43 - CFD: 16/12/2009 - 10:23:08 - [26500555] ----D- C:\Program Files\Sun

O43 - CFD: 18/12/2009 - 19:50:10 - [3347608] ----D- C:\Program Files\Defraggler

O43 - CFD: 20/12/2009 - 23:59:44 - [637813937] ----D- C:\Program Files\Microsoft Office

O43 - CFD: 20/12/2009 - 23:59:44 - [315392] ----D- C:\Program Files\Microsoft.NET

O43 - CFD: 21/12/2009 - 00:00:22 - [14904] ----D- C:\Program Files\Microsoft Visual Studio

O43 - CFD: 21/12/2009 - 00:00:32 - [4368271] ----D- C:\Program Files\Microsoft Works

O43 - CFD: 07/01/2010 - 21:23:50 - [29794014] ----D- C:\Program Files\MSECache

O43 - CFD: 12/01/2010 - 12:35:52 - [268061] ----D- C:\Program Files\SUPERAntiSpyware

O43 - CFD: 14/01/2010 - 20:11:32 - [21175187] ----D- C:\Program Files\ESRI

O43 - CFD: 14/01/2010 - 20:14:14 - [327659] ----D- C:\Program Files\SafeNet Sentinel

O43 - CFD: 14/01/2010 - 20:46:28 - [1160840] ----D- C:\Program Files\Leica Geosystems

O43 - CFD: 16/01/2010 - 22:56:34 - [119652303] ----D- C:\Program Files\eclipse

O43 - CFD: 23/01/2010 - 11:09:10 - [3959044] ----D- C:\Program Files\FAOCLIM2

O43 - CFD: 25/01/2010 - 14:27:30 - [87595703] ----D- C:\Program Files\New_LocClim V1.10

O43 - CFD: 15/02/2010 - 12:37:46 - [8972952] ----D- C:\Program Files\Notepad++

O43 - CFD: 17/02/2010 - 13:29:12 - [130920069] ----D- C:\Program Files\GIMP-2.0

O43 - CFD: 09/03/2010 - 20:00:32 - [26483382] ----D- C:\Program Files\Solstice

O43 - CFD: 16/03/2010 - 18:05:24 - [128613] ----D- C:\Program Files\NirSoft

O43 - CFD: 05/04/2010 - 12:32:08 - [337644300] ----D- C:\Program Files\Microsoft Bootvis

O43 - CFD: 05/04/2010 - 14:25:44 - [22641577] ----D- C:\Program Files\Glary Utilities

O43 - CFD: 21/05/2010 - 11:52:14 - [78824123] ----D- C:\Program Files\VideoLAN

O43 - CFD: 03/06/2010 - 11:47:00 - [42453231] ----D- C:\Program Files\Bouml

O43 - CFD: 29/06/2010 - 08:54:08 - [1372057] ----D- C:\Program Files\FastStone Capture

O43 - CFD: 02/07/2010 - 16:22:54 - [16374555] ----D- C:\Program Files\Kodak

O43 - CFD: 02/07/2010 - 16:27:52 - [163185051] ----D- C:\Program Files\ArcSoft

O43 - CFD: 02/07/2010 - 16:29:50 - [80854282] ----D- C:\Program Files\QuickTime

O43 - CFD: 19/07/2010 - 13:39:24 - [23444560] ----D- C:\Program Files\IncrediMail

O43 - CFD: 02/11/2010 - 10:52:04 - [180103167] ----D- C:\Program Files\AutoCAD 2004

O43 - CFD: 02/11/2010 - 10:54:18 - [3997789] ----D- C:\Program Files\AnswerWorks 4.0

O43 - CFD: 02/11/2010 - 11:52:08 - [184439123] ----D- C:\Program Files\Géomédia

O43 - CFD: 08/11/2010 - 18:32:44 - [161142240] ----D- C:\Program Files\Samsung

O43 - CFD: 08/11/2010 - 18:34:10 - [2916264] ----D- C:\Program Files\DIFX

O43 - CFD: 04/12/2010 - 14:29:34 - [6983477] ----D- C:\Program Files\Malwarebytes' Anti-Malware

O43 - CFD: 18/12/2010 - 13:43:02 - [4109787] ----D- C:\Program Files\ZHPDiag

O43 - CFD: 30/12/2010 - 21:42:06 - [109535841] ----D- C:\Program Files\ESET

O43 - CFD: 27/01/2011 - 12:12:26 - [18110254] ----D- C:\Program Files\Microsoft Security Client

O43 - CFD: 06/02/2011 - 16:21:30 - [232992825] ----D- C:\Program Files\HP

O43 - CFD: 06/02/2011 - 16:23:58 - [1731312] ----D- C:\Program Files\Hewlett-Packard

O43 - CFD: 12/03/2011 - 15:25:08 - [1793087] ----D- C:\Program Files\Metris

O43 - CFD: 29/03/2011 - 12:15:38 - [1293237] ----D- C:\Program Files\Softland

O43 - CFD: 20/04/2011 - 08:04:30 - [278384412] ----D- C:\Program Files\DWG TrueView 2010

O43 - CFD: 18/05/2011 - 09:00:36 - [114802227] ----D- C:\Program Files\FinePixViewer

O43 - CFD: 21/05/2011 - 18:24:28 - [12884363] ----D- C:\Program Files\LG Mobile

O43 - CFD: 26/06/2011 - 07:43:00 - [112293845] ----D- C:\Program Files\Ad-Remover

O43 - CFD: 14/07/2011 - 12:45:52 - [2518241] ----D- C:\Program Files\Free Window Registry Repair

O43 - CFD: 19/07/2011 - 09:36:10 - [1772405] ----D- C:\Program Files\RogueRemover FREE

O43 - CFD: 19/08/2006 - 04:30:58 - [355738203] ----D- C:\Program Files\Fichiers Communs\Microsoft Shared

O43 - CFD: 19/08/2006 - 04:30:58 - [3787229] ----D- C:\Program Files\Fichiers Communs\SpeechEngines

O43 - CFD: 19/08/2006 - 04:31:02 - [0] ----D- C:\Program Files\Fichiers Communs\ODBC

O43 - CFD: 19/08/2006 - 04:41:54 - [21139254] ----D- C:\Program Files\Fichiers Communs\System

O43 - CFD: 19/08/2006 - 04:42:10 - [284160] ----D- C:\Program Files\Fichiers Communs\MSSoap

O43 - CFD: 19/08/2006 - 04:42:12 - [8106] ----D- C:\Program Files\Fichiers Communs\Services

O43 - CFD: 19/08/2006 - 05:20:18 - [18992922] ----D- C:\Program Files\Fichiers Communs\InstallShield

O43 - CFD: 19/08/2006 - 05:25:02 - [531677712] ----D- C:\Program Files\Fichiers Communs\Adobe

O43 - CFD: 19/08/2006 - 05:31:38 - [13290844] ----D- C:\Program Files\Fichiers Communs\NewTech Infosystems

O43 - CFD: 19/08/2006 - 05:32:20 - [6003080] ----D- C:\Program Files\Fichiers Communs\muvee Technologies

O43 - CFD: 19/08/2006 - 05:32:38 - [6166972] ----D- C:\Program Files\Fichiers Communs\LightScribe

O43 - CFD: 19/08/2006 - 06:19:00 - [450406] ----D- C:\Program Files\Fichiers Communs\Symantec Shared

O43 - CFD: 07/10/2009 - 20:35:40 - [96199712] ----D- C:\Program Files\Fichiers Communs\Autodesk Shared

O43 - CFD: 07/10/2009 - 20:36:06 - [197904] ----D- C:\Program Files\Fichiers Communs\Designer

O43 - CFD: 07/10/2009 - 20:36:48 - [930725] ----D- C:\Program Files\Fichiers Communs\Macrovision Shared

O43 - CFD: 07/10/2009 - 21:27:04 - [72704] ----D- C:\Program Files\Fichiers Communs\Adobe Systems Shared

O43 - CFD: 12/10/2009 - 22:12:08 - [144899160] ----D- C:\Program Files\Fichiers Communs\Java

O43 - CFD: 23/10/2009 - 17:27:32 - [91944076] ----D- C:\Program Files\Fichiers Communs\Windows Live

O43 - CFD: 02/11/2009 - 16:53:02 - [47463566] ----D- C:\Program Files\Fichiers Communs\ESRI

O43 - CFD: 12/11/2009 - 20:32:18 - [0] ----D- C:\Program Files\Fichiers Communs\SWF Studio

O43 - CFD: 14/01/2010 - 20:14:14 - [1806719] ----D- C:\Program Files\Fichiers Communs\SafeNet Sentinel

O43 - CFD: 14/01/2010 - 20:48:12 - [5133227] ----D- C:\Program Files\Fichiers Communs\AnswerWorks 4.0

O43 - CFD: 02/07/2010 - 16:27:52 - [65048972] ----D- C:\Program Files\Fichiers Communs\ArcSoft

O43 - CFD: 06/02/2011 - 16:23:24 - [457237] ----D- C:\Program Files\Fichiers Communs\Hewlett-Packard

O43 - CFD: 06/02/2011 - 16:26:42 - [2374144] ----D- C:\Program Files\Fichiers Communs\HP

O43 - CFD: 19/08/2006 - 04:56:48 - [0] ----D- C:\Documents and Settings\Léo\Application Data\Identities

O43 - CFD: 19/08/2006 - 05:40:16 - [357229] ----D- C:\Documents and Settings\Léo\Application Data\Acer

O43 - CFD: 19/08/2006 - 04:30:24 - [12696486] -S--D- C:\Documents and Settings\Léo\Application Data\Microsoft

O43 - CFD: 21/05/2010 - 11:54:28 - [477376] ----D- C:\Documents and Settings\Léo\Application Data\vlc

O43 - CFD: 04/06/2010 - 22:21:04 - [199] ----D- C:\Documents and Settings\Léo\Application Data\dvdcss

O43 - CFD: 17/03/2010 - 16:12:22 - [0] ----D- C:\Documents and Settings\Léo\Application Data\Media Player Classic

O43 - CFD: 06/10/2009 - 21:33:10 - [1671] ----D- C:\Documents and Settings\Léo\Application Data\Macromedia

O43 - CFD: 06/10/2009 - 21:54:02 - [10758] ----D- C:\Documents and Settings\Léo\Application Data\CyberLink

O43 - CFD: 07/10/2009 - 18:13:18 - [2579592] ----D- C:\Documents and Settings\Léo\Application Data\MapInfo

O43 - CFD: 07/10/2009 - 18:48:12 - [10874626] ----D- C:\Documents and Settings\Léo\Application Data\Thinstall

O43 - CFD: 29/06/2010 - 08:55:32 - [2296] ----D- C:\Documents and Settings\Léo\Application Data\FastStone

O43 - CFD: 02/07/2010 - 16:28:46 - [4161619] ----D- C:\Documents and Settings\Léo\Application Data\ArcSoft

O43 - CFD: 07/10/2009 - 19:00:48 - [12542477] ----D- C:\Documents and Settings\Léo\Application Data\Adobe

O43 - CFD: 07/10/2009 - 19:31:16 - [0] ----D- C:\Documents and Settings\Léo\Application Data\AdobeUM

O43 - CFD: 02/07/2010 - 16:45:16 - [280] ----D- C:\Documents and Settings\Léo\Application Data\KodakCredentialStore

O43 - CFD: 18/07/2010 - 11:58:58 - [169] ----D- C:\Documents and Settings\Léo\Application Data\gtk-2.0

O43 - CFD: 07/10/2009 - 20:35:40 - [20427528] ----D- C:\Documents and Settings\Léo\Application Data\Autodesk

O43 - CFD: 02/07/2010 - 17:03:32 - [0] ----D- C:\Documents and Settings\Léo\Application Data\Apple Computer

O43 - CFD: 20/09/2010 - 10:02:54 - [9496] ----D- C:\Documents and Settings\Léo\Application Data\GARMIN

O43 - CFD: 08/11/2010 - 18:38:42 - [1332228] ----D- C:\Documents and Settings\Léo\Application Data\Samsung

O43 - CFD: 07/10/2009 - 18:53:34 - [11969613] ----D- C:\Documents and Settings\Léo\Application Data\Mozilla

O43 - CFD: 07/10/2009 - 22:37:36 - [282] ----D- C:\Documents and Settings\Léo\Application Data\Help

O43 - CFD: 06/02/2011 - 18:04:26 - [34522] ----D- C:\Documents and Settings\Léo\Application Data\HP

O43 - CFD: 09/10/2009 - 18:24:46 - [21043285] ----D- C:\Documents and Settings\Léo\Application Data\Malwarebytes

O43 - CFD: 18/05/2011 - 09:00:04 - [0] ----D- C:\Documents and Settings\Léo\Application Data\InstallShield

O43 - CFD: 18/05/2011 - 09:01:38 - [117278] ----D- C:\Documents and Settings\Léo\Application Data\FUJIFILM

O43 - CFD: 12/10/2009 - 22:08:36 - [116893991] ----D- C:\Documents and Settings\Léo\Application Data\Sun

O43 - CFD: 15/10/2009 - 14:02:02 - [106107] ----D- C:\Documents and Settings\Léo\Application Data\Google

O43 - CFD: 19/10/2009 - 19:02:48 - [44248] ----D- C:\Documents and Settings\Léo\Application Data\DAEMON Tools Pro

O43 - CFD: 02/11/2009 - 17:25:22 - [7198062] ----D- C:\Documents and Settings\Léo\Application Data\ESRI

O43 - CFD: 02/11/2009 - 21:01:34 - [43733] ----D- C:\Documents and Settings\Léo\Application Data\Intel

O43 - CFD: 12/11/2009 - 20:32:16 - [0] -SH-D- C:\Documents and Settings\Léo\Application Data\.#

O43 - CFD: 20/11/2009 - 17:52:38 - [4873315] ----D- C:\Documents and Settings\Léo\Application Data\OpenOffice.org

O43 - CFD: 02/12/2009 - 21:35:46 - [5360] ----D- C:\Documents and Settings\Léo\Application Data\Canneverbe_Limited

O43 - CFD: 04/12/2009 - 14:38:50 - [0] ----D- C:\Documents and Settings\Léo\Application Data\WinRAR

O43 - CFD: 24/01/2010 - 10:55:32 - [0] ----D- C:\Documents and Settings\Léo\Application Data\Safe Software

O43 - CFD: 27/02/2010 - 08:29:46 - [106169] ----D- C:\Documents and Settings\Léo\Application Data\Notepad++

O43 - CFD: 05/04/2010 - 15:36:16 - [361796] ----D- C:\Documents and Settings\Léo\Application Data\GlarySoft

O43 - CFD: 19/05/2010 - 17:46:28 - [18012] ----D- C:\Documents and Settings\Léo\Application Data\Yahoo!

O43 - CFD: 19/08/2006 - 04:54:38 - [23992] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\ApplicationHistory

O43 - CFD: 19/08/2006 - 04:44:34 - [119882644] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Microsoft

O43 - CFD: 07/10/2009 - 19:00:50 - [15403161] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Adobe

O43 - CFD: 07/10/2009 - 20:36:10 - [34013180] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Autodesk

O43 - CFD: 07/10/2009 - 22:37:36 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Help

O43 - CFD: 09/10/2009 - 16:37:46 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\PCHealth

O43 - CFD: 12/10/2009 - 22:09:20 - [47275520] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\{35A3A4F2-B792-11D6-A78A-00B0D0142160}

O43 - CFD: 15/10/2009 - 13:37:00 - [55136] --H-D- C:\Documents and Settings\Léo\Local Settings\Application Data\acer eNM

O43 - CFD: 15/10/2009 - 13:59:38 - [681401550] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Google

O43 - CFD: 15/10/2009 - 17:59:54 - [42838456] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Mozilla

O43 - CFD: 04/11/2009 - 08:51:52 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Microsoft Help

O43 - CFD: 28/11/2009 - 15:35:08 - [1567594] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Xenocode

O43 - CFD: 18/03/2010 - 14:14:04 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Temp

O43 - CFD: 19/05/2010 - 17:46:52 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Yahoo

O43 - CFD: 02/07/2010 - 16:28:52 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\ArcSoft

O43 - CFD: 02/07/2010 - 16:29:42 - [9396] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Apple Computer

O43 - CFD: 02/07/2010 - 16:40:20 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\KodakGallery

O43 - CFD: 19/07/2010 - 13:39:40 - [13595597] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\IM

O43 - CFD: 19/08/2006 - 04:54:38 - [23992] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\ApplicationHistory

O43 - CFD: 19/08/2006 - 04:44:34 - [119882644] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Microsoft

O43 - CFD: 07/10/2009 - 19:00:50 - [15403161] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Adobe

O43 - CFD: 07/10/2009 - 20:36:10 - [34013180] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Autodesk

O43 - CFD: 07/10/2009 - 22:37:36 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Help

O43 - CFD: 09/10/2009 - 16:37:46 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\PCHealth

O43 - CFD: 12/10/2009 - 22:09:20 - [47275520] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\{35A3A4F2-B792-11D6-A78A-00B0D0142160}

O43 - CFD: 15/10/2009 - 13:37:00 - [55136] --H-D- C:\Documents and Settings\Léo\Local Settings\Application Data\acer eNM

O43 - CFD: 15/10/2009 - 13:59:38 - [681401550] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Google

O43 - CFD: 15/10/2009 - 17:59:54 - [42838456] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Mozilla

O43 - CFD: 04/11/2009 - 08:51:52 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Microsoft Help

O43 - CFD: 28/11/2009 - 15:35:08 - [1567594] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Xenocode

O43 - CFD: 18/03/2010 - 14:14:04 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Temp

O43 - CFD: 19/05/2010 - 17:46:52 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Yahoo

O43 - CFD: 02/07/2010 - 16:28:52 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\ArcSoft

O43 - CFD: 02/07/2010 - 16:29:42 - [9396] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\Apple Computer

O43 - CFD: 02/07/2010 - 16:40:20 - [0] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\KodakGallery

O43 - CFD: 19/07/2010 - 13:39:40 - [13595597] ----D- C:\Documents and Settings\Léo\Local Settings\Application Data\IM

 

 

 

---\\ Derniers fichiers modifiés ou crées sous Windows et System32 (O44)

O44 - LFC:[MD5.7CEE1200FEFFFFFF57494E444F577E31] - 19/07/2011 - 11:58:22 ---A- . (...) -- C:\WINDOWS\WindowsUpdate.log [1111979]

O44 - LFC:[MD5.A2CB40CDD8BA0B3617F167538DDAE8CA] - 19/07/2011 - 11:57:58 ---A- . (...) -- C:\WINDOWS\Filzip.ini [41]

O44 - LFC:[MD5.357788DED650FB0B89360E7706875865] - 19/07/2011 - 11:52:26 ---A- . (...) -- C:\WINDOWS\System32\eRLog.ini [451]

O44 - LFC:[MD5.6AB0FD4BEE15FA1C35F74DFAFC09A68A] - 19/07/2011 - 11:51:14 ---A- . (...) -- C:\WINDOWS\System32\nvapps.xml [51048]

O44 - LFC:[MD5.E080DEED72BCD16BEF4F87B600F149C7] - 19/07/2011 - 11:49:54 ---A- . (...) -- C:\WINDOWS\System32\FNTCACHE.DAT [1805744]

O44 - LFC:[MD5.7CEE1200FEFFFFFF0000000098F11200] - 19/07/2011 - 11:47:22 ---A- . (...) -- C:\WINDOWS\wiadebug.log [159]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 19/07/2011 - 11:46:14 ---A- . (...) -- C:\WINDOWS\0.log [0]

O44 - LFC:[MD5.6A2CB42966136854F4464516FBB4AE72] - 19/07/2011 - 11:45:48 -S-A- . (...) -- C:\WINDOWS\bootstat.dat [2048]

O44 - LFC:[MD5.7CEE1200FEFFFFFF53434845444C4755] - 19/07/2011 - 11:44:36 ---A- . (...) -- C:\WINDOWS\SchedLgU.Txt [32604]

O44 - LFC:[MD5.7CEE1200FEFFFFFF0000000098F11200] - 19/07/2011 - 11:44:36 ---A- . (...) -- C:\WINDOWS\wiaservc.log [50]

O44 - LFC:[MD5.873EA3362AA6AC9B704F6C27D2CC7445] - 19/07/2011 - 11:44:34 ---A- . (...) -- C:\WINDOWS\bthservsdp.dat [12]

O44 - LFC:[MD5.7BF8E905406310216EB99708131E5337] - 19/07/2011 - 10:51:26 ---A- . (...) -- C:\TB.txt [2670]

O44 - LFC:[MD5.7814A63FD239A5B4C05EF7C9F816DC74] - 19/07/2011 - 10:45:14 ---A- . (...) -- C:\TCleaner.txt [1025]

O44 - LFC:[MD5.B01D8D7A13B4E8CD10F7769692F81C5D] - 18/07/2011 - 07:06:52 ---A- . (...) -- C:\WINDOWS\System32\wpa.dbl [1158]

O44 - LFC:[MD5.26661C877FCA4EEC47F61052AF67AC0C] - 14/07/2011 - 12:35:02 ---A- . (...) -- C:\rapport.txt [6695]

O44 - LFC:[MD5.626237E28D84E6DDB251771D95E38E9D] - 14/07/2011 - 12:31:46 ---A- . (...) -- C:\WINDOWS\System32\tmp.reg [4330]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 14/07/2011 - 12:31:46 ---A- . (...) -- C:\WINDOWS\System32\tmp.txt [0]

O44 - LFC:[MD5.5DE2A420AD61448C59EF9962415CB79E] - 14/07/2011 - 12:30:42 ---A- . (...) -- C:\UsbFix.txt [1201]

O44 - LFC:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 06/07/2011 - 19:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbam.sys [22712]

O44 - LFC:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 06/07/2011 - 19:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [41272]

O44 - LFC:[MD5.7BCB7E61D2BEFAC34A0F0F9C5E15D89A] - 01/07/2011 - 08:35:16 ---A- . (...) -- C:\WINDOWS\System32\PerfStringBackup.INI [1121138]

O44 - LFC:[MD5.FDABEF82D2034A8AB3220450AEBDB74E] - 01/07/2011 - 08:35:16 ---A- . (...) -- C:\WINDOWS\System32\perfc009.dat [76308]

O44 - LFC:[MD5.91D8DEDE040FE63D898D5215B9C3F6F5] - 01/07/2011 - 08:35:16 ---A- . (...) -- C:\WINDOWS\System32\perfc00C.dat [90624]

O44 - LFC:[MD5.22D04EA91CAF1EAFEA2AB8A29E3138DE] - 01/07/2011 - 08:35:16 ---A- . (...) -- C:\WINDOWS\System32\perfh009.dat [456864]

O44 - LFC:[MD5.54C1659C19FDF87A404BC7C8E715F073] - 01/07/2011 - 08:35:16 ---A- . (...) -- C:\WINDOWS\System32\perfh00C.dat [527446]

O44 - LFC:[MD5.A296C42922D794E3FD2175F197F62D49] - 01/07/2011 - 08:24:44 ---A- . (...) -- C:\WINDOWS\win.ini [677]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/06/2011 - 16:46:04 ---A- . (...) -- C:\cmserver.log [0]

O44 - LFC:[MD5.D41D8CD98F00B204E9800998ECF8427E] - 29/06/2011 - 16:46:04 ---A- . (...) -- C:\conmgr.log [0]

O44 - LFC:[MD5.9CB3416D6853D3098EA3584AB1A79BD1] - 26/06/2011 - 09:12:58 ---A- . (...) -- C:\WINDOWS\ModemLog_SAMSUNG CDMA Modem #2.txt [10362]

O44 - LFC:[MD5.7BD0E96A92AF51E5BE11E432062F44A5] - 26/06/2011 - 09:10:20 ---A- . (...) -- C:\UsbFix_Upload_Me_SUPERADA.zip [4547]

 

 

 

---\\ Opérations et fonctions au démarrage de Windows Explorer (O46)

O46 - SEH:ShellExecuteHooks - URL Exec Hook - {AEB6717E-7E19-11d0-97EE-00C04FD91972} - shell32.dll

 

 

 

---\\ Export de clé d'application autorisée (O47)

O47 - AAKE:Key Export SP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

O47 - AAKE:Key Export DP - "%windir%\system32\sessmgr.exe" [Enabled] .(.Microsoft Corporation - Gestionnaire de session de l'aide sur le Bureau à distance de Microsoft®.) -- C:\WINDOWS\system32\sessmgr.exe

 

 

 

---\\ Contrôle du Safe Boot (CSB) (O49)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\WINDOWS\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Minimal\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmboot.sys . (.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disque NT.) -- C:\WINDOWS\System32\Drivers\dmboot.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmio.sys . (.Microsoft Corp., Veritas Software - Pilote E/S du Gestionnaire de disques NT.) -- C:\WINDOWS\System32\Drivers\dmio.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\dmload.sys . (.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) -- C:\WINDOWS\System32\Drivers\dmload.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ip6fw.sys . (.Microsoft Corporation - IPv6 Windows Firewall Driver.) -- C:\WINDOWS\System32\Drivers\ip6fw.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\ipnat.sys . (.Microsoft Corporation - IP Network Address Translator.) -- C:\WINDOWS\System32\Drivers\ipnat.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpcdd.sys . (.Microsoft Corporation - RDP Miniport.) -- C:\WINDOWS\System32\Drivers\rdpcdd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpdd.sys . (...) -- C:\WINDOWS\System32\Drivers\rdpdd.sys (.not file.)

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\rdpwd.sys . (.Microsoft Corporation - RDP Terminal Stack Driver (US/Canada Only, Not for Export).) -- C:\WINDOWS\System32\Drivers\rdpwd.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sermouse.sys . (.Microsoft Corporation - Pilote de filtre souris série.) -- C:\WINDOWS\System32\Drivers\sermouse.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\sr.sys . (.Microsoft Corporation - Pilote de filtre de système de fichiers pour la restauration du système.) -- C:\WINDOWS\System32\Drivers\sr.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdpipe.sys . (.Microsoft Corporation - Named Pipe Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdpipe.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\tdtcp.sys . (.Microsoft Corporation - TCP Transport Driver.) -- C:\WINDOWS\System32\Drivers\tdtcp.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vga.sys . (.Microsoft Corporation - VGA/Super VGA Video Driver.) -- C:\WINDOWS\System32\Drivers\vga.sys

O49 - CSB:Control Safe Boot HKLM\...\CCS\Network\vgasave.sys . (...) -- C:\WINDOWS\System32\Drivers\vgasave.sys (.not file.)

 

 

 

---\\ Image File Execution Options (IFEO) (O50)

O50 - IFEO:Image File Execution Options - Your Image File Name Here without a path - ntsd -d

 

 

 

---\\ Trojan Driver Search Data (HKLM) (O52)

O52 - TDSD: \Drivers32\"msacm.trspch"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \Drivers32\"vidc.cvid"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll

O52 - TDSD: \Drivers32\"vidc.iv31"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv32"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \Drivers32\"vidc.iv41"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

O52 - TDSD: \Drivers32\"msacm.sl_anet"="sl_anet.acm" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \Drivers32\"msacm.iac2"="C:\WINDOWS\system32\iac25_32.ax" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \Drivers32\"vidc.iv50"="ir50_32.dll" . (.Intel Corporation - Intel Indeo® video 5.10.) -- C:\WINDOWS\System32\ir50_32.dll

O52 - TDSD: \Drivers32\"msacm.l3acm"="C:\WINDOWS\system32\l3codeca.acm" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \Drivers32\"SENTINEL"="snti386.dll" . (.Rainbow Technologies, Inc. - Sentinel Driver Setup DLL.) -- C:\WINDOWS\System32\snti386.dll

O52 - TDSD: \drivers.desc\"sl_anet.acm"="Sipro Lab Telecom Audio Codec" . (.Sipro Lab Telecom Inc. - Audio codec for MS ACM.) -- C:\WINDOWS\System32\sl_anet.acm

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\iac25_32.ax"="Indeo® audio software" . (.Intel Corporation - Indeo® audio software.) -- C:\WINDOWS\system32\iac25_32.ax

O52 - TDSD: \drivers.desc\"ir50_32.dll"="Indeo® video 5.10" . (...) -- (.not file.)

O52 - TDSD: \drivers.desc\"C:\WINDOWS\system32\l3codeca.acm"="Fraunhofer IIS MPEG Layer-3 Codec" . (.Fraunhofer Institut Integrierte Schaltungen - MPEG Layer-3 Audio Codec for MSACM.) -- C:\WINDOWS\system32\l3codeca.acm

O52 - TDSD: \drivers.desc\"tssoft32.acm"="tssoft32.acm" . (.DSP GROUP, INC. - Codec audio TrueSpeech DSP Group pour MSACM V3.50.) -- C:\WINDOWS\System32\tssoft32.acm

O52 - TDSD: \drivers.desc\"iccvid.dll"="iccvid.dll" . (.Radius Inc. - Cinepak® Codec.) -- C:\WINDOWS\System32\iccvid.dll

O52 - TDSD: \drivers.desc\"ir32_32.dll"="ir32_32.dll" . (...) -- C:\WINDOWS\System32\ir32_32.dll

O52 - TDSD: \drivers.desc\"ir41_32.ax"="ir41_32.ax" . (.Intel Corporation - Intel Indeo® Video 4.5.) -- C:\WINDOWS\System32\ir41_32.ax

O52 - TDSD: \drivers.desc\"snti386.dll"="Sentinel for i386 Systems" . (.Rainbow Technologies, Inc. - Sentinel Driver Setup DLL.) -- C:\WINDOWS\System32\snti386.dll

 

 

 

---\\ ShareTools MSconfig StartupReg (O53)

O53 - SMSR:HKLM\...\startupreg\Acer ePower Management [Key] . (.Acer Value Labs, Taiwan - Acer ePower Management.) -- C:\Acer\Empowering Technology\ePower\Acer ePower Management.exe

O53 - SMSR:HKLM\...\startupreg\ArcSoft Connection Service [Key] . (.ArcSoft Inc. - ArcSoft Connect Daemon.) -- C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACDaemon.exe

O53 - SMSR:HKLM\...\startupreg\ctfmon.exe [Key] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O53 - SMSR:HKLM\...\startupreg\DAEMON Tools Pro Agent [Key] . (.DT Soft Ltd. - DAEMON Tools Pro Tray Application.) -- C:\Program Files\DAEMON Tools Pro\DTProAgent.exe

O53 - SMSR:HKLM\...\startupreg\IncrediMail [Key] . (.IncrediMail, Ltd. - IncrediMail Application.) -- C:\Program Files\IncrediMail\bin\IncMail.exe

O53 - SMSR:HKLM\...\startupreg\MediaDico [Key] . (.L'Aventure Multimedia - Pas de description.) -- C:\Program Files\Micro Application\12 DICOS Indispensables\LanceMediaDICO12.exe

O53 - SMSR:HKLM\...\startupreg\ntiMUI [Key] . (...) -- C:\Program Files\NewTech Infosystems\NTI CD & DVD-Maker 7\ntiMUI.exe

O53 - SMSR:HKLM\...\startupreg\QuickTime Task [Key] . (.Apple Inc. - QuickTime Task.) -- C:\Program Files\QuickTime\QTTask.exe

O53 - SMSR:HKLM\...\startupreg\swg [Key] . (.Google Inc. - GoogleToolbarNotifier.) -- C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

 

 

 

---\\ Microsoft Control Security Providers (O54)

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\CurrentControlSet\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Client DPA pour plate-forme 32 bit.) -- C:\WINDOWS\system32\msapsspc.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - TLS / SSL Security Provider.) -- C:\WINDOWS\system32\schannel.dll

O54 - MCSP:[HKLM\...\ControlSet001\Control] - (SecurityProviders) - (.Microsoft Corporation - Package d'authentification Digest SSPI.) -- C:\WINDOWS\system32\digest.dll

 

 

 

---\\ Microsoft Windows Policies System (O55)

O55 - MWPS:[HKLM\...\Policies\System] - "dontdisplaylastusername"=0

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticecaption"=

O55 - MWPS:[HKLM\...\Policies\System] - "legalnoticetext"=

O55 - MWPS:[HKLM\...\Policies\System] - "shutdownwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "undockwithoutlogon"=1

O55 - MWPS:[HKLM\...\Policies\System] - "InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles

O55 - MWPS:[HKLM\...\Policies\System] - "InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

 

 

 

---\\ Microsoft Windows Policies Explorer (O56)

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveTypeAutoRun"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "HonorAutoRunSetting"=0

O56 - MWPE:[HKCU\...\policies\Explorer] - "NoDriveAutoRun"=3

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveAutoRun"=3

O56 - MWPE:[HKLM\...\policies\Explorer] - "NoDriveTypeAutoRun"=0

O56 - MWPE:[HKLM\...\policies\Explorer] - "HonorAutoRunSetting"=0

 

 

 

---\\ Liste des Drivers Système (O58)

O58 - SDL:[MD5.C1D5CBD8AA0D674DA1BA1BB189696396] - 19/07/2011 - 16:52:30 ---A- . (.Conexant Systems, Inc. - HSF_CNXT driver.) -- C:\WINDOWS\system32\drivers\HSF_CNXT.sys [721280]

O58 - SDL:[MD5.80D317BD1C3DBC5D4FE7B1678C60CADD] - 19/07/2011 - 20:00:00 ---A- . (.Parallel Technologies, Inc. - Parallel Technologies DirectParallel IO Library.) -- C:\WINDOWS\system32\drivers\ptilink.sys [17792]

O58 - SDL:[MD5.6B33D0EBD30DB32E27D1D78FE946A754] - 19/07/2011 - 20:36:40 ---A- . (.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) -- C:\WINDOWS\system32\drivers\sisagp.sys [40960]

O58 - SDL:[MD5.E550E7418984B65A78299D248F0A7F36] - 19/07/2011 - 20:00:00 ---A- . (.Mylex Corporation - Mylex Disk Array Controller Driver.) -- C:\WINDOWS\system32\drivers\dac2w2k.sys [179584]

O58 - SDL:[MD5.C9B25AE9B8ABD983C5AD3F8CBFAB0F9C] - 19/07/2011 - 20:00:00 ---A- . (.RAVISENT Technologies Inc. - Pilote principal CineMaster C 1.2 WDM.) -- C:\WINDOWS\system32\drivers\cinemst2.sys [262528]

O58 - SDL:[MD5.9624293E55AD405415862B504CA95B73] - 19/07/2011 - 20:00:00 ---A- . (.Compaq Computer Corporation - Compaq PA-1 Player Driver.) -- C:\WINDOWS\system32\drivers\cpqdap01.sys [11776]

O58 - SDL:[MD5.BE984D604D91C217355CDD3737AAD25D] - 19/07/2011 - 20:00:00 ---A- . (.S3/Diamond Multimedia Systems - NikeDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\nikedrv.sys [12032]

O58 - SDL:[MD5.A56FE08EC7473E8580A390BB1081CDD7] - 19/07/2011 - 20:00:00 ---A- . (.S3/Diamond Multimedia Systems - Rio8Drv.sys Usb Driver.) -- C:\WINDOWS\system32\drivers\rio8drv.sys [12032]

O58 - SDL:[MD5.0A854DF84C77A0BE205BFEAB2AE4F0EC] - 19/07/2011 - 20:00:00 ---A- . (.S3/Diamond Multimedia Systems - RioDrv Usb Driver.) -- C:\WINDOWS\system32\drivers\riodrv.sys [12032]

O58 - SDL:[MD5.D74A8EC75305F1D3CFDE7C7FC1BD62A9] - 19/07/2011 - 20:00:00 ---A- . (.Toshiba Corporation - WDM Toshiba Tecra Video Capture Driver.) -- C:\WINDOWS\system32\drivers\tsbvcap.sys [21376]

O58 - SDL:[MD5.55E01061C74A8CEFFF58DC36114A8D3F] - 19/07/2011 - 20:00:00 ---A- . (.RAVISENT Technologies Inc. - CineMaster C WDM DVD Minidriver.) -- C:\WINDOWS\system32\drivers\vdmindvd.sys [58112]

O58 - SDL:[MD5.9D1177C2A8DE936B33D85FF75E8CBF1A] - 19/07/2011 - 16:58:24 ---A- . (.OSA Technologies, An Avocent Company - OSA I/O Port Driver.) -- C:\WINDOWS\system32\drivers\osaio.sys [7296]

O58 - SDL:[MD5.B3C1B187FEFC941F63CE0DF93D02EB9F] - 19/07/2011 - 07:22:00 ---A- . (.SafeNet, Inc. - Sentinel System Driver (NT Parallel driver).) -- C:\WINDOWS\system32\drivers\sentinel.sys [90176]

O58 - SDL:[MD5.ECA00EED9AB95489007B0EF84C7149DE] - 19/07/2011 - 19:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbam.sys [22712]

O58 - SDL:[MD5.95B4FB835E28AA1336CEEB07FD5B9398] - 19/07/2011 - 20:36:40 ---A- . (.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) -- C:\WINDOWS\system32\drivers\amdagp.sys [43008]

O58 - SDL:[MD5.D956358054E99E6FFAC69CD87E893A89] - 19/07/2011 - 22:18:00 ---A- . (.GARMIN Corp. - grmnusb.sys.) -- C:\WINDOWS\system32\drivers\grmnusb.sys [8320]

O58 - SDL:[MD5.F76CB7259AA575CC53F3996BC6B68C18] - 19/07/2011 - 10:55:22 ---A- . (.Macrovision Europe Ltd - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\CDAC15BA.SYS [12464]

O58 - SDL:[MD5.617ACCADA2E0A0F43EC6030BBAC49513] - 19/07/2011 - 20:02:08 ---A- . (.Sonic Solutions - Px Engine Device Driver for Windows 2000/XP.) -- C:\WINDOWS\system32\drivers\pxhelp20.sys [20576]

O58 - SDL:[MD5.7CEE1200FEFFFFFF000000002CF11200] - 21/05/2011 - 00:00:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\sptd.sys [685816]

O58 - SDL:[MD5.2D4027C46B4C6E45875E3C4BA3F67492] - 19/07/2011 - 12:24:50 ---A- . (.MCCI - SAMSUNG USB Composite Device Driver.) -- C:\WINDOWS\system32\drivers\sscdbus.sys [80272]

O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 19/07/2011 - 12:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwh.sys [11188]

O58 - SDL:[MD5.A902A7E76C245210EEE9EF5185158E9C] - 19/07/2011 - 10:20:52 ---A- . (.Conexant Systems, Inc. - HSF_HWAZL WDM driver.) -- C:\WINDOWS\system32\drivers\HSFHWAZL.sys [218496]

O58 - SDL:[MD5.FD396CA96D4F129BB463ED7DCEF453CA] - 19/07/2011 - 22:18:00 ---A- . (.GARMIN Corp. - Generic WDM Support Driver.) -- C:\WINDOWS\system32\drivers\grmngen.sys [18432]

O58 - SDL:[MD5.7F5CAC8B445D1789275C4E8999C59B44] - 19/07/2011 - 12:24:54 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdwhnt.sys [11188]

O58 - SDL:[MD5.C9F4E7DA78A02623ABF78A4A34CE79B1] - 19/07/2011 - 16:53:24 ---A- . (.Conexant Systems, Inc. - HSF_DP driver.) -- C:\WINDOWS\system32\drivers\HSF_DPV.sys [998656]

O58 - SDL:[MD5.E246A32C445056996074A397DA56E815] - 19/07/2011 - 15:57:08 ---A- . (.Conexant - Diagnostic Interface DRIVER.) -- C:\WINDOWS\system32\drivers\mdmxsdk.sys [12544]

O58 - SDL:[MD5.71D348D53597379DFE1DE255D70AF13C] - 19/07/2011 - 12:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem WDM.) -- C:\WINDOWS\system32\drivers\sscdmdm.sys [137884]

O58 - SDL:[MD5.0F0194C4B635C10C3F785E4FEE52D641] - 19/07/2011 - 12:47:06 ---A- . (.Intel Corporation - Intel Graphics Miniport Driver.) -- C:\WINDOWS\system32\drivers\ialmnt5.sys [1166972]

O58 - SDL:[MD5.436D2A8B24E9B407155A177548B02AF2] - 19/07/2011 - 04:33:50 R--A- . (.JOA - JOA Mobile USB Device.) -- C:\WINDOWS\system32\drivers\JA_bus.sys [22144]

O58 - SDL:[MD5.2F64E5F1E4C9AE78346695238F82EFEC] - 19/07/2011 - 04:33:50 R--A- . (.JOA - JOA Mobile USB Modem.) -- C:\WINDOWS\system32\drivers\JA_mdm.sys [40064]

O58 - SDL:[MD5.372D0557ACFED311D7A78E7CCD5DDAB0] - 19/07/2011 - 04:33:50 R--A- . (.JOA - JOA USB Filter Drivers.) -- C:\WINDOWS\system32\drivers\JA_flt.sys [3456]

O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 19/07/2011 - 12:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcm.sys [11877]

O58 - SDL:[MD5.C768C8A463D32C219CE291645A0621A4] - 19/07/2011 - 14:17:00 ---A- . (.Broadcom Corporation - Broadcom Corporation NDIS 5.1 ethernet driver.) -- C:\WINDOWS\system32\drivers\bcm4sbxp.sys [45312]

O58 - SDL:[MD5.369B29797C1EB7D9B000CCBB026C515F] - 19/07/2011 - 12:24:52 ---A- . (.MCCI - Windows 2000/XP support functions.) -- C:\WINDOWS\system32\drivers\sscdcmnt.sys [11877]

O58 - SDL:[MD5.0A58FADE5E12D3A611427292073362CB] - 19/07/2011 - 19:17:38 ---A- . (.ENE Technology Inc. - ENE PCI SmartMedia / XD Card Reader Driver.) -- C:\WINDOWS\system32\drivers\ESM7SK.sys [74752]

O58 - SDL:[MD5.F548F1EBA107BC19E91189E6A460BD0E] - 19/07/2011 - 12:24:52 ---A- . (.MCCI - SAMSUNG CDMA Modem Filter Driver.) -- C:\WINDOWS\system32\drivers\sscdmdfl.sys [10864]

O58 - SDL:[MD5.5AEE9EEDCFBF2B0F9DEC53C27EE722A3] - 19/07/2011 - 19:17:36 ---A- . (.ENE Technology Inc. - ENE PCI Memory Stick Card Reader Driver.) -- C:\WINDOWS\system32\drivers\EMS7SK.sys [61056]

O58 - SDL:[MD5.909D03B3B7FB7C830B74F74F4D0EA7CE] - 19/07/2011 - 16:25:24 ---A- . (.Realtek Semiconductor Corp. - Realtek® High Definition Audio Function Driver.) -- C:\WINDOWS\system32\drivers\RtkHDAud.Sys [4304384]

O58 - SDL:[MD5.8E56AB21D10C368029CEA57DE47D79C2] - 19/07/2011 - 19:17:38 ---A- . (.ENE Technology Inc. - ENE PCI Secure Digital / MMC Card Reader Driver.) -- C:\WINDOWS\system32\drivers\ESD7SK.sys [40064]

O58 - SDL:[MD5.3245BEE5176697FAF0744A2E1288DC77] - 19/07/2011 - 15:57:16 ---A- . (.Windows ® 2000 DDK provider - Windows int15 Driver.) -- C:\WINDOWS\system32\drivers\osanbm.sys [4010]

O58 - SDL:[MD5.6A25F27202F3122A44A6B74EE46E7A76] - 19/07/2011 - 12:13:42 ---A- . (...) -- C:\WINDOWS\system32\drivers\NETMNT.sys [9600]

O58 - SDL:[MD5.A8EB0AA07632A4C936FF6F8EDA5BDEAD] - 19/07/2011 - 14:16:00 ---A- . (.SMSC - SMSC IrCC NDIS 5.0 IrDA FIR Device Driver.) -- C:\WINDOWS\system32\drivers\smcirda.sys [46080]

O58 - SDL:[MD5.66F680409FC3BDDF62741E3E920A8454] - 19/07/2011 - 12:52:30 ---A- . (.Synaptics, Inc. - Synaptics Touchpad Driver.) -- C:\WINDOWS\system32\drivers\SynTP.sys [192672]

O58 - SDL:[MD5.7F1C1F78D709C4A54CBB46EDE7E0B48D] - 19/07/2011 - 05:31:14 ---A- . (.NewTech Infosystems, Inc. - NTI CD-ROM Filter Driver.) -- C:\WINDOWS\system32\drivers\NTIDrvr.sys [6144]

O58 - SDL:[MD5.26C4A4B64D1DD8E6FDFB2F4897BE029C] - 19/07/2011 - 18:20:44 ---A- . (.OSA Technologies - Filesystem Lock driver.) -- C:\WINDOWS\system32\drivers\OsaFsLoc.sys [12106]

O58 - SDL:[MD5.1F76996253071CBAE0A5AB5D8551EF88] - 19/07/2011 - 15:34:40 ---A- . (.OSA Technologies - NDIS Filter Driver.) -- C:\WINDOWS\system32\drivers\NdisFilt.sys [4392]

O58 - SDL:[MD5.306521935042FC0A6988D528643619B3] - 19/07/2011 - 21:17:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\StarOpen.sys [5632]

O58 - SDL:[MD5.7AC43C38CA8FD7ED0B0A4466F753E06E] - 19/07/2011 - 01:04:40 R--A- . (.HP - 1284.4<->Usb Datalink Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZius12.sys [21568]

O58 - SDL:[MD5.B18225739ED9CAA83BA2DF966E9F43E8] - 19/07/2011 - 19:52:42 ---A- . (.Malwarebytes Corporation - Malwarebytes' Anti-Malware.) -- C:\WINDOWS\system32\drivers\mbamswissarmy.sys [41272]

O58 - SDL:[MD5.30CA91E657CEDE2F95359D6EF186F650] - 19/07/2011 - 01:04:40 R--A- . (.HP - IEEE-1284.4-1999 Driver (Windows 2000).) -- C:\WINDOWS\system32\drivers\HPZid412.sys [49664]

O58 - SDL:[MD5.EFD31AFA752AA7C7BBB57BCBE2B01C78] - 19/07/2011 - 01:04:40 R--A- . (.HP - IEEE-1284.4-1999 Print Class Driver.) -- C:\WINDOWS\system32\drivers\HPZipr12.sys [16496]

O58 - SDL:[MD5.3F4BB95E5A44F3BE34824E8E7CAF0737] - 19/07/2011 - 20:00:00 ---A- . (.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows Whistler 32.) -- C:\WINDOWS\system32\drivers\mraid35x.sys [17280]

O58 - SDL:[MD5.1140AB9938809700B46BB88E46D72A96] - 19/07/2011 - 20:00:00 ---A- . (.Acer Laboratories Inc. - ALi mini IDE Driver.) -- C:\WINDOWS\system32\drivers\aliide.sys [5248]

O58 - SDL:[MD5.BF4FAB949A382A8E105F46EBB4937058] - 19/07/2011 - 20:00:00 ---A- . (.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\sym_u3.sys [30688]

O58 - SDL:[MD5.5D8DE112AA0254B907861E9E9C31D597] - 19/07/2011 - 20:00:00 ---A- . (.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) -- C:\WINDOWS\system32\drivers\asc3550.sys [14848]

O58 - SDL:[MD5.62D318E9A0C8FC9B780008E724283707] - 19/07/2011 - 20:00:00 ---A- . (.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) -- C:\WINDOWS\system32\drivers\asc.sys [26496]

O58 - SDL:[MD5.1B698A51CD528D8DA4FFAED66DFC51B9] - 19/07/2011 - 20:00:00 ---A- . (.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) -- C:\WINDOWS\system32\drivers\ultra.sys [36736]

O58 - SDL:[MD5.E3726AD522D0BDAE090671048C991AB3] - 19/07/2011 - 20:00:00 ---A- . (.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) -- C:\WINDOWS\system32\drivers\cmdide.sys [6656]

O58 - SDL:[MD5.83C0F71F86D3BDAF915685F3D568B20E] - 19/07/2011 - 20:00:00 ---A- . (.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) -- C:\WINDOWS\system32\drivers\sparrow.sys [19072]

O58 - SDL:[MD5.80AC1C4ABBE2DF3B738BF15517A51F2C] - 19/07/2011 - 20:00:00 ---A- . (.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\sym_hi.sys [28384]

O58 - SDL:[MD5.1FF3217614018630D0A6758630FC698C] - 19/07/2011 - 20:00:00 ---A- . (.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\symc810.sys [16256]

O58 - SDL:[MD5.070E001D95CF725186EF8B20335F933C] - 19/07/2011 - 20:00:00 ---A- . (.LSI Logic - Symbios 8XX SCSI Miniport Driver.) -- C:\WINDOWS\system32\drivers\symc8xx.sys [32640]

O58 - SDL:[MD5.0A63FB54039EB5662433CABA3B26DBA7] - 19/07/2011 - 20:00:00 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql1080.sys [40320]

O58 - SDL:[MD5.907F0AEEA6BC451011611E732BD31FCF] - 19/07/2011 - 20:00:00 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql1280.sys [49024]

O58 - SDL:[MD5.156ED0EF20C15114CA097A34A30D8A01] - 19/07/2011 - 20:00:00 ---A- . (.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) -- C:\WINDOWS\system32\drivers\ql12160.sys [45312]

O58 - SDL:[MD5.C79918A5BD269035F3A34D157401B9DF] - 19/07/2011 - 12:17:24 ---A- . (.Intel® Corporation - Intel® Wireless LAN Driver.) -- C:\WINDOWS\system32\drivers\w39n51.sys [1429632]

O58 - SDL:[MD5.59E5D945934EC2E7EAA22AF81813DABF] - 19/07/2011 - 05:58:00 ---A- . (.NVIDIA Corporation - NVIDIA Compatible Windows 2000 Miniport Driver, Version 86.02.) -- C:\WINDOWS\system32\drivers\nv4_mini.sys [3685152]

O58 - SDL:[MD5.08D30AF92C270F2E76787C81589DBAD6] - 19/07/2011 - 14:10:00 ---A- . (.Dritek System Inc. - Dritek PS2 Keyboard Filter Driver.) -- C:\WINDOWS\system32\drivers\DKbFltr.SYS [16896]

O58 - SDL:[MD5.1CC074E0D48383D4E9BFFC6A26C2A58A] - 19/07/2011 - 12:09:26 ---A- . (.Intel Corporation - Intel WLAN Packet Driver.) -- C:\WINDOWS\system32\drivers\s24trans.sys [13568]

O58 - SDL:[MD5.12DAFD934641DCF61E446313BC261EC2] - 19/07/2011 - 21:29:48 ---A- . (.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) -- C:\WINDOWS\system32\drivers\AegisP.sys [21275]

O58 - SDL:[MD5.D68564FCFBDFC04280CDBBB37CF7EF7F] - 19/07/2011 - 12:41:04 ---A- . (.Acer Value Labs, USA - Acer EPM Power Scheme Driver.) -- C:\WINDOWS\system32\drivers\epm-psd.sys [4096]

O58 - SDL:[MD5.50425CBD80468BF53BA90F0D7CC61805] - 19/07/2011 - 12:41:04 ---A- . (.Acer Value Labs, USA - Acer EPM SHD ECV-TO.) -- C:\WINDOWS\system32\drivers\epm-shd.sys [78208]

O58 - SDL:[MD5.90A3935D05B494A5A39D37E71F09A677] - 19/07/2011 - 18:39:16 ---A- . (.Macrovision Corporation, Macrovision Europe - Macrovision SECURITY Driver.) -- C:\WINDOWS\system32\drivers\secdrv.sys [20480]

O58 - SDL:[MD5.6D3ADA4CE95CECA7BCE527A08C4C474E] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ansi.sys [9037]

O58 - SDL:[MD5.0FE9F16075C9ACB941C957B7C649176E] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\country.sys [27097]

O58 - SDL:[MD5.C6D29F29DE7427B1B0775E53E577B623] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\himem.sys [4912]

O58 - SDL:[MD5.582BCDD47CF4B68B5CB528F18E3CB808] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\key01.sys [42809]

O58 - SDL:[MD5.7D30A74B5FB9FE3B245A6CE5FBCD71D5] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos.sys [27916]

O58 - SDL:[MD5.03B945AC0481CD8BB161C3569D8ED1C3] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos411.sys [29370]

O58 - SDL:[MD5.BBC957DC18C17CC027EB80B7C77F2AEA] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos412.sys [29274]

O58 - SDL:[MD5.CF9ED169FF86D935E47999E82359E898] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos404.sys [29146]

O58 - SDL:[MD5.3CFFAEFFF23B0D208214A6D3061A5B1B] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntdos804.sys [29146]

O58 - SDL:[MD5.FBBCFEC1379C5C02D88A361993EDF1B8] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\keyboard.sys [42537]

O58 - SDL:[MD5.CAAA108FD7BF71989946B39704323455] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio.sys [34000]

O58 - SDL:[MD5.6F73F50162DEF60C84B725C18CD9140F] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio404.sys [34560]

O58 - SDL:[MD5.0FDD5E69C1FF3B58043D44F2CC743D45] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio411.sys [35648]

O58 - SDL:[MD5.8842837C4D8311BF8E72BEE8CCC42217] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio412.sys [35424]

O58 - SDL:[MD5.6B56CEB3C6F9D5CD7293DBD9FE23B311] - 19/07/2011 - 20:00:00 ---A- . (...) -- C:\WINDOWS\system32\ntio804.sys [34560]

O58 - SDL:[MD5.77EBF3E9386DAA51551AF429052D88D0] - 19/07/2011 - 20:33:26 ---A- . (...) -- C:\WINDOWS\system32\giveio.sys [5248]

O58 - SDL:[MD5.5D6401DB90EC81B71F8E2C5C8F0FEF23] - 19/07/2011 - 14:28:46 ---A- . (.Windows ® 2000 DDK provider - SpeedFan Device Driver.) -- C:\WINDOWS\system32\speedfan.sys [5248]

 

 

 

---\\ Liste des outils de nettoyage (O63)

O63 - Logiciel: Ad-Remover par C_XX - (.C_XX.) [HKLM] -- Ad-Remover

O63 - Logiciel: HijackThis 2.0.2 - (.TrendMicro.) [HKLM] -- HijackThis

O63 - Logiciel: UsbFix By TeamXscript - (.TeamXscript.) [HKLM] -- Usbfix

O63 - Logiciel: ZHPDiag 1.27 - (.Nicolas Coolman.) [HKLM] -- ZHPDiag_is1

O63 - Logiciel: RSIT - (.random/random.)

O63 - Logiciel: Toolbar SD - (.IDN Team.)

O63 - Logiciel: ToolsCleaner - (.A.Rothstein & dj QUIOU.)

 

 

 

---\\ Liste des services Legacy (O64)

O64 - Services: CurCS - 06/02/2009 - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe - ArcSoft Connect Daemon(ACDaemon) .(.ArcSoft Inc. - ArcSoft Connect Service.) - LEGACY_ACDAEMON

O64 - Services: CurCS - 06/10/2009 - C:\WINDOWS\System32\DRIVERS\AegisP.sys - AEGIS Protocol (IEEE 802.1x) v3.4.9.0(AegisP) .(.Meetinghouse Data Communications - IEEE 802.1X Protocol Driver.) - LEGACY_AEGISP

O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\aliide.sys - AliIde(AliIde) .(.Acer Laboratories Inc. - ALi mini IDE Driver.) - LEGACY_ALIIDE

O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\DRIVERS\amdagp.sys - Pilote de filtre du bus AMD AGP(amdagp) .(.Advanced Micro Devices, Inc. - AMD Win2000 AGP Filter.) - LEGACY_AMDAGP

O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\asc.sys - asc(asc) .(.Advanced System Products, Inc. - AdvanSys SCSI Controller Driver.) - LEGACY_ASC

O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\asc3550.sys - asc3550(asc3550) .(.Advanced System Products, Inc. - AdvanSys Ultra-Wide PCI SCSI Driver.) - LEGACY_ASC3550

O64 - Services: CurCS - 24/10/2005 - C:\Acer\Empowering Technology\admServ.exe - AdminWorks Agent X6(AWService) .(.Avocent Inc. - Service Program for Acer.) - LEGACY_AWSERVICE

O64 - Services: CurCS - 02/11/2010 - C:\WINDOWS\system32\drivers\CDAC11BA.exe - C-DillaCdaC11BA(C-DillaCdaC11BA) .(.Macrovision - Macrovision RTS Service.) - LEGACY_C-DILLACDAC11BA

O64 - Services: CurCS - 02/11/2010 - C:\WINDOWS\system32\drivers\CDAC15BA.sys - CdaC15BA(CdaC15BA) .(.Macrovision Europe Ltd - Macrovision SECURITY Driver.) - LEGACY_CDAC15BA

O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\cmdide.sys - CmdIde(CmdIde) .(.CMD Technology, Inc. - Pilote de bus PCI IDE CMD.) - LEGACY_CMDIDE

O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\dac2w2k.sys - dac2w2k(dac2w2k) .(.Mylex Corporation - Mylex Disk Array Controller Driver.) - LEGACY_DAC2W2K

O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\dmadmin.exe - Service d'administration du Gestionnaire de disque logique(dmadmin) .(.Microsoft Corp., Veritas Software - Processus du service Gestionnaire de disque.) - LEGACY_DMADMIN

O64 - Services: CurCS - 14/04/2008 - C:\WINDOWS\System32\drivers\dmboot.sys - dmboot(dmboot) .(.Microsoft Corp., Veritas Software - Pilote de démarrage du gestionnaire de disq.) - LEGACY_DMBOOT

O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\drivers\dmload.sys - dmload(dmload) .(.Microsoft Corp., Veritas Software. - NT Disk Manager Startup Driver.) - LEGACY_DMLOAD

O64 - Services: CurCS - 23/01/2006 - C:\WINDOWS\system32\drivers\epm-psd.sys - Acer EPM Power Scheme Driver(EpmPsd) .(.Acer Value Labs, USA - Acer EPM Power Scheme Driver.) - LEGACY_EPMPSD

O64 - Services: CurCS - 23/01/2006 - C:\WINDOWS\system32\drivers\epm-shd.sys - Acer EPM System Hardware Driver(EpmShd) .(.Acer Value Labs, USA - Acer EPM SHD ECV-TO.) - LEGACY_EPMSHD

O64 - Services: CurCS - 28/11/2005 - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe - Intel® PROSet/Wireless Event Log(EvtEng) .(.Intel Corporation - Intel® PROSet/Wireless Event Log.) - LEGACY_EVTENG

O64 - Services: CurCS - 15/10/2009 - C:\Program Files\Google\Update\GoogleUpdate.exe - Google Update Service (gupdate)(gupdate) .(.Google Inc. - Programme d'installation de Google.) - LEGACY_GUPDATE

O64 - Services: CurCS - 30/10/2009 - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe - Google Software Updater(gusvc) .(.Google - gusvc.) - LEGACY_GUSVC

O64 - Services: CurCS - 13/01/2005 - C:\Acer\Empowering Technology\eRecovery\int15.sys - int15.sys (int15.sys) .(...) - LEGACY_INT15.SYS

O64 - Services: CurCS - 02/02/2011 - C:\Program Files\Java\jre6\bin\jqs.exe - Java Quick Starter(JavaQuickStarterService) .(.Sun Microsystems, Inc. - Java Quick Starter Service.) - LEGACY_JAVAQUICKSTARTERSERVICE

O64 - Services: CurCS - 18/05/2006 - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe - LightScribeService Direct Disc Labeling Service(LightScribeService) .(.Hewlett-Packard Company - Pas de description.) - LEGACY_LIGHTSCRIBESERVICE

O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{70587FC1-F1FE-4931-8ECA-F3A73E5CB257}\MpKsl059fd6f3.sys (.not file.) - MpKsl059fd6f3 (MpKsl059fd6f3) .(...) - L

O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{70587FC1-F1FE-4931-8ECA-F3A73E5CB257}\MpKsl14c7559d.sys (.not file.) - MpKsl14c7559d (MpKsl14c7559d) .(...) - L

O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{352A3E1A-4947-466E-9FD2-1BDE1B6AD55B}\MpKsl1545e10f.sys (.not file.) - MpKsl1545e10f (MpKsl1545e10f) .(...) - L

O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{15B30FA0-2E06-4999-9351-66C37150EDAD}\MpKsl31e6e356.sys (.not file.) - MpKsl31e6e356 (MpKsl31e6e356) .(...) - L

O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{66EB5A84-FB4A-4DF8-8849-D2D09FD73757}\MpKsl4264fd3c.sys (.not file.) - MpKsl4264fd3c (MpKsl4264fd3c) .(...) - L

O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{CC8B1738-7BE2-4955-B7D7-3042B74182B5}\MpKsl5ee0c2c1.sys (.not file.) - MpKsl5ee0c2c1 (MpKsl5ee0c2c1) .(...) - L

O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{24C39D1F-3634-419A-822B-A42832432D6D}\MpKsl78a03ae0.sys (.not file.) - MpKsl78a03ae0 (MpKsl78a03ae0) .(...) - L

O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{352A3E1A-4947-466E-9FD2-1BDE1B6AD55B}\MpKsl865e3a82.sys (.not file.) - MpKsl865e3a82 (MpKsl865e3a82) .(...) - L

O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{15B30FA0-2E06-4999-9351-66C37150EDAD}\MpKslc380be54.sys (.not file.) - MpKslc380be54 (MpKslc380be54) .(...) - L

O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{5AC1D08C-71FF-426E-B7B0-4518D6E10500}\MpKsld2d7d400.sys (.not file.) - MpKsld2d7d400 (MpKsld2d7d400) .(...) - L

O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{15B30FA0-2E06-4999-9351-66C37150EDAD}\MpKsld3c648d7.sys (.not file.) - MpKsld3c648d7 (MpKsld3c648d7) .(...) - L

O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{8F0134EE-93F4-4D17-9B3F-60CB6DD7EE45}\MpKsle761210b.sys (.not file.) - MpKsle761210b (MpKsle761210b) .(...) - L

O64 - Services: CurCS - ??/??/???? - c:\Documents and Settings\All Users\Application Data\Microsoft\Microsoft Antimalware\Definition Updates\{79A2899B-1775-4AB8-ABE0-1EC13EAFDB28}\MpKslfdcc348c.sys (.not file.) - MpKslfdcc348c (MpKslfdcc348c) .(...) - L

O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\mraid35x.sys - mraid35x(mraid35x) .(.American Megatrends Inc. - MegaRAID RAID Controller Driver for Windows.) - LEGACY_MRAID35X

O64 - Services: CurCS - 13/09/2005 - C:\WINDOWS\System32\Drivers\NdisFilt.sys - OSA NdisFilter Protocol(NdisFilt) .(.OSA Technologies - NDIS Filter Driver.) - LEGACY_NDISFILT

O64 - Services: CurCS - 02/05/2005 - C:\WINDOWS\System32\DRIVERS\NETMNT.sys - Acer NetMonitor Protocol (NETMNT) .(...) - LEGACY_NETMNT

O64 - Services: CurCS - 06/09/2009 - C:\Program Files\CDBurnerXP\NMSAccessU.exe - NMSAccessU (NMSAccessU) .(...) - LEGACY_NMSACCESSU

O64 - Services: CurCS - 20/07/2006 - C:\WINDOWS\system32\nvsvc32.exe - NVIDIA Display Driver Service(NVSvc) .(.NVIDIA Corporation - NVIDIA Driver Helper Service, Version 86.02.) - LEGACY_NVSVC

O64 - Services: CurCS - 30/06/2005 - C:\WINDOWS\system32\drivers\osaio.sys - osaio(osaio) .(.OSA Technologies, An Avocent Company - OSA I/O Port Driver.) - LEGACY_OSAIO

O64 - Services: CurCS - 14/01/2005 - C:\WINDOWS\system32\drivers\osanbm.sys - osanbm(osanbm) .(.Windows ® 2000 DDK provider - Windows int15 Driver.) - LEGACY_OSANBM

O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\ql1080.sys - ql1080(ql1080) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL1080

O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\ql12160.sys - ql12160(ql12160) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL12160

O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\ql1280.sys - ql1280(ql1280) .(.QLogic Corporation - Miniport Driver for QLogic ISP PCI Adapters.) - LEGACY_QL1280

O64 - Services: CurCS - 28/11/2005 - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe - Intel® PROSet/Wireless Registry Service(RegSrvc) .(.Intel Corporation - Intel® PROSet/Wireless Registry Service.) - LEGACY_REGSRVC

O64 - Services: CurCS - 28/11/2005 - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe - Intel® PROSet/Wireless Service(S24EventMonitor) .(.Intel Corporation - Wireless Management Service.) - LEGACY_S24EVENTMONITOR

O64 - Services: CurCS - 28/11/2005 - C:\WINDOWS\System32\DRIVERS\s24trans.sys - Transport RLAN(s24trans) .(.Intel Corporation - Intel WLAN Packet Driver.) - LEGACY_S24TRANS

O64 - Services: CurCS - 14/03/2006 - C:\WINDOWS\system32\Drivers\SENTINEL.sys - Sentinel(Sentinel) .(.SafeNet, Inc. - Sentinel System Driver (NT Parallel driver).) - LEGACY_SENTINEL

O64 - Services: CurCS - 14/03/2006 - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe - Sentinel Protection Server(SentinelProtectionServer) .(.SafeNet, Inc - Pas de description.) - LEGACY_SENTINELPROTECTI

O64 - Services: CurCS - 13/04/2008 - C:\WINDOWS\System32\DRIVERS\sisagp.sys - Filtre de bus AGP SIS(sisagp) .(.Silicon Integrated Systems Corporation - SiS NT AGP Filter.) - LEGACY_SISAGP

O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\sparrow.sys - Sparrow(Sparrow) .(.Adaptec, Inc. - Adaptec AIC-6x60 series SCSI miniport.) - LEGACY_SPARROW

O64 - Services: CurCS - 21/05/2011 - C:\WINDOWS\System32\Drivers\sptd.sys - sptd (sptd) .(...) - LEGACY_SPTD

O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\symc810.sys - symc810(symc810) .(.Symbios Logic Inc. - Symbios Logic Inc. SCSI Miniport Driver.) - LEGACY_SYMC810

O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\symc8xx.sys - symc8xx(symc8xx) .(.LSI Logic - Symbios 8XX SCSI Miniport Driver.) - LEGACY_SYMC8XX

O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\sym_hi.sys - sym_hi(sym_hi) .(.LSI Logic - Symbios Hi-Perf SCSI Miniport Driver.) - LEGACY_SYM_HI

O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\sym_u3.sys - sym_u3(sym_u3) .(.LSI Logic - Symbios Ultra3 SCSI Miniport Driver.) - LEGACY_SYM_U3

O64 - Services: CurCS - 10/08/2004 - C:\WINDOWS\System32\DRIVERS\ultra.sys - ultra(ultra) .(.Promise Technology, Inc. - Gestionnaire de miniport ULTRA66 de Promise.) - LEGACY_ULTRA

O64 - Services: CurCS - 10/12/2008 - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe - wampapache(wampapache) .(.Apache Software Foundation - Apache HTTP Server.) - LEGACY_WAMPAPACHE

O64 - Services: CurCS - 17/06/2009 - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe - wampmysqld (wampmysqld) .(...) - LEGACY_WAMPMYSQLD

O64 - Services: CurCS - 09/11/2008 - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe - Yahoo! Updater(YahooAUService) .(.Yahoo! Inc. - AutoUpater Service Module.) - LEGACY_YAHOOAUSERVICE

 

 

 

---\\ File Associations Shell Spawning (O67)

O67 - Shell Spawning: <.bat> <batfile>[HKLM\..\open\Command] (. - .) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKLM\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.com> <ComFile>[HKLM\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKLM\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKLM\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKLM\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKLM\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

O67 - Shell Spawning: <.bat> <batfile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.cpl> <cplfile>[HKCR\..\cplopen\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- C:\Windows\System32\shell32.dll

O67 - Shell Spawning: <.cmd> <cmdfile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.com> <ComFile>[HKCR\..\open\Command] (.Microsoft Corporation - DLL commune du shell Windows.) -- "%1" %*

O67 - Shell Spawning: <.exe> <exefile>[HKCR\..\open\Command] (...) -- "%1" %*

O67 - Shell Spawning: <.html> <htmlfile>[HKCR\..\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

O67 - Shell Spawning: <.js> <JSFile>[HKCR\..\open\Command] (.Microsoft Corporation - Microsoft ® Windows Based Script Host.) -- C:\WINDOWS\System32\WScript.exe

O67 - Shell Spawning: <.reg> <regfile>[HKCR\..\open\Command] (.Microsoft Corporation - Éditeur du Registre.) -- C:\WINDOWS\regedit.exe

 

 

 

---\\ Start Menu Internet (O68)

O68 - StartMenuInternet: <FIREFOX.EXE> <Mozilla Firefox>[HKLM\..\Shell\open\Command] (.Mozilla Corporation - Firefox.) -- C:\Program Files\Mozilla Firefox\firefox.exe

O68 - StartMenuInternet: <Google Chrome> <Google Chrome>[HKLM\..\Shell\open\Command] (.Google Inc. - Google Chrome.) -- C:\Documents and Settings\Léo\Local Settings\Application Data\Google\Chrome\Application\chrome.exe

O68 - StartMenuInternet: <IEXPLORE.EXE> <Internet Explorer>[HKLM\..\Shell\open\Command] (.Microsoft Corporation - Internet Explorer.) -- C:\Program Files\Internet Explorer\IEXPLORE.exe

 

 

 

---\\ Search Browser Infection (O69)

O69 - SBI: SearchScopes [HKCU] ${searchCLSID} [DefaultScope] - (@ieframe.dll,-12512) - Bing

O69 - SBI: SearchScopes [HKCU] {2024B6A0-965E-43BC-A512-622C1A1483A5} - (Yahoo! Search) - Yahoo! Search - Recherche Web

O69 - SBI: SearchScopes [HKCU] {6A1806CD-94D4-4689-BA73-E35EA1EA9990} - (Google) - Google

O69 - SBI: SearchScopes [HKCU] {9D5BD211-422C-4164-9298-BB4186A30F31} - (Live Search) - Bing

O69 - SBI: SearchScopes [HKCU] {CFF4DB9B-135F-47c0-9269-B4C6572FD61A} - (MyStart Search) - http://mystart.incredimail.com

O69 - SBI: SearchScopes [HKCU] {DECA3892-BA8F-44b8-A993-A466AD694AE4} - (Yahoo! Search) - Yahoo! Search - Recherche Web

O69 - SBI: SearchScopes [HKCU] {F55DF861-E933-4615-94B5-BE67D41025EA} - (Bing) - Bing

 

 

 

---\\ Scan Additionnel (O88)

Database Version : 8467 - (05/07/2011)

Clés trouvées (Keys found) : 1

Valeurs trouvées (Values found) : 0

Dossiers trouvés (Folders found) : 0

Fichiers trouvés (Files found) : 0

 

[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF] =>Toolbar.AskSBar

 

 

 

---\\ Etat général des services non Microsoft (EGS) (SR=Running, SS=Stopped)

SR - | Auto 19/07/2011 109056 | (ACDaemon) . (.ArcSoft Inc..) - C:\Program Files\Fichiers communs\ArcSoft\Connection Service\Bin\ACService.exe

SS - | Demand 19/07/2011 72704 | (Adobe LM Service) . (.Adobe Systems.) - C:\Program Files\Fichiers communs\Adobe Systems Shared\Service\Adobelmsvc.exe

SR - | Auto 19/07/2011 1372160 | (ArcGIS License Manager) . (.Macrovision Corporation.) - C:\PROGRA~1\ESRI\License\arcgis9x\lmgrd.exe

SS - | Demand 19/07/2011 85096 | (Autodesk Licensing Service) . (.Autodesk.) - C:\Program Files\Fichiers communs\Autodesk Shared\Service\AdskScSrv.exe

SR - | Auto 19/07/2011 1314816 | (AWService) . (.Avocent Inc..) - C:\Acer\Empowering Technology\admServ.exe

SR - | Auto 19/07/2011 229376 | ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) . (.Apple Computer, Inc..) - C:\Program Files\Bonjour\mDNSResponder.exe

SR - | Auto 19/07/2011 54784 | (C-DillaCdaC11BA) . (.Macrovision.) - C:\WINDOWS\system32\drivers\CDAC11BA.exe

SS - | Demand 19/07/2011 225280 | (dmadmin) . (.Microsoft Corp., Veritas Software.) - C:\WINDOWS\System32\dmadmin.exe

SR - | Auto 19/07/2011 114753 | (EvtEng) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe

SS - | Demand 19/07/2011 654848 | (FLEXnet Licensing Service) . (.Macrovision Europe Ltd..) - C:\Program Files\Fichiers communs\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

SS - | Auto 19/07/2011 133104 | (gupdate) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 19/07/2011 133104 | (gupdatem) . (.Google Inc..) - C:\Program Files\Google\Update\GoogleUpdate.exe

SS - | Demand 19/07/2011 182768 | (gusvc) . (.Google.) - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

SR - | Auto 19/07/2011 153376 | (JavaQuickStarterService) . (.Sun Microsystems, Inc..) - C:\Program Files\Java\jre6\bin\jqs.exe

SR - | Auto 19/07/2011 49152 | (LightScribeService) . (.Hewlett-Packard Company.) - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe

SR - | Auto 19/07/2011 71096 | (NMSAccessU) . (...) - C:\Program Files\CDBurnerXP\NMSAccessU.exe

SR - | Auto 19/07/2011 143426 | (NVSvc) . (.NVIDIA Corporation.) - C:\WINDOWS\system32\nvsvc32.exe

SS - | Auto 19/07/2011 69632 | (Pml Driver HPZ12) . (.HP.) - C:\WINDOWS\SYSTEM32\HPZipm12.exe

SR - | Auto 19/07/2011 217164 | (RegSrvc) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe

SR - | Auto 19/07/2011 540745 | (S24EventMonitor) . (.Intel Corporation.) - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe

SR - | Auto 19/07/2011 206400 | (SentinelProtectionServer) . (.SafeNet, Inc.) - C:\Program Files\Fichiers communs\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exe

SS - | Demand 19/07/2011 24636 | (wampapache) . (.Apache Software Foundation.) - c:\wamp\bin\apache\apache2.2.11\bin\httpd.exe

SS - | Demand 19/07/2011 6582912 | (wampmysqld) . (...) - c:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe

SR - | Auto 19/07/2011 602392 | (YahooAUService) . (.Yahoo! Inc..) - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe

 

 

 

---\\ Recherche Master Boot Record Infection (MBR)(O80)

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, GMER - Rootkit Detector and Remover

Run by Léo at 19/07/2011 12:05:40

 

device: opened successfully

user: MBR read successfully

 

Disk trace:

called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys >>UNKNOWN [0x873798AC]<<

C:\WINDOWS\system32\drivers\sptd.sys

1 ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Harddisk0\DR0[0x87280958]

3 CLASSPNP[0xF76B2FD7] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\000000c2[0x872CC9E8]

5 ACPI[0xF73A6620] -> ntkrnlpa!IofCallDriver[0x804EF1A6] -> \Device\Ide\IdeDeviceP0T0L0-3[0x872E3940]

kernel: MBR read successfully

user & kernel MBR OK

 

 

 

---\\ Recherche Master Boot Record Infection (MBRCheck)(O80)

Written by ad13, http://ad13.geekstog

Run by Léo at 19/07/2011 12:05:42

 

********* Dump file Name *********

C:\PhysicalDisk0_MBR.bin

 

 

 

---\\ Liste des émulateurs de CD/DVD (Hook du MBR)

O58 - SDL:[MD5.7CEE1200FEFFFFFF000000002CF11200] - 21/05/2011 - 00:00:00 ---A- . (...) -- C:\WINDOWS\system32\drivers\sptd.sys [685816]

 

 

 

End of the scan (1469 lines in 05mn 16s)(0)

Modifié le 22 juillet 2011 par laborantin

[bernard53]

Bonjour

 

Dans un premier temps fait ceci.

 

Tu peux contrôler le démarrage de tous ces processus avec un logiciel comme Starter de Code Stuff.

Télécharge et installe Code Stuff Starter :

 

http://telechargement.zebulon.fr/starter.html

 

Après le lancement >> configuration >> Options >> Langage >> French >> OK

 

Ensuite vas dans l’onglet démarrage et décoches les lignes voulues.

 

Ne t'inquiète pas si a l'usage tu veux réactiver l'une d'elles, il suffit de la. recocher

 

Elles sont lancées inutilement au démarrage du système et cela ne comporte aucun danger.

 

 

Lignes à décocher qui sont en relation.

 

O4 - HKLM\..\Run: [ehTray] . (.Microsoft Corporation - Media Center Tray Applet.) -- C:\WINDOWS\ehome\ehtray.exe

O4 - HKLM\..\Run: [RTHDCPL] . (.Realtek Semiconductor Corp. - Realtek HD Audio Control Panel.) -- C:\WINDOWS\RTHDCPL.exe

O4 - HKLM\..\Run: [eDataSecurity Loader] . (.HiTRUST - eDSloader.) -- C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] bthprops.cpl

O4 - HKLM\..\Run: [MSPY2002] . (...) -- C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe

O4 - HKLM\..\Run: [NvCplDaemon] . (.NVIDIA Corporation - NVIDIA Display Properties Extension.) -- C:\WINDOWS\system32\NvCpl.dll

O4 - HKLM\..\Run: [NvMediaCenter] . (.NVIDIA Corporation - NVIDIA Media Center Library.) -- C:\WINDOWS\system32\NvMcTray.dll

O4 - HKLM\..\Run: [LManager] . (.Dritek System Inc. - Acer Launch Manager Keyboard Application.) -- C:\PROGRA~1\LAUNCH~1\LManager.exe

O4 - HKLM\..\Run: [eRecoveryService] . (.acer Inc. - Monitor.) -- C:\Acer\Empowering Technology\eRecovery\Monitor.exe

O4 - HKLM\..\Run: [PHIME2002ASync] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe

O4 - HKLM\..\Run: [PHIME2002A] . (.Microsoft Corporation - ???????? 2002a.) -- C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.exe

O4 - HKLM\..\Run: [nwiz] . (...) -- C:\Windows\System32\nwiz.exe

O4 - HKLM\..\Run: [iMJPMIG8.1] . (.Microsoft Corporation - Microsoft IME.) -- C:\WINDOWS\IME\imjp8_1\IMJPMIG.exe

O4 - HKLM\..\Run: [ePower_DMC] . (.Acer Incorporated - Acer ePower Management DMC.) -- C:\Acer\Empowering Technology\ePower\ePower_DMC.exe

O4 - HKLM\..\Run: [AzMixerSel] . (.Realtek Semiconductor Corp. - Azalia Mixer Selector.) -- C:\Program Files\Realtek\InstallShield\AzMixerSel.exe

O4 - HKLM\..\Run: [MSC] . (.Microsoft Corporation - Microsoft Security Client User Interface.) -- c:\Program Files\Microsoft Security Client\msseces.exe

O4 - HKLM\..\Run: [HP Software Update] . (.Hewlett-Packard Development Company, L.P. - Hewlett-Packard Product Assistant.) -- C:\Program Files\HP\HP Software Update\HPWuSchd2.exe

O4 - HKCU\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe

O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\CTFMON.exe

O4 - HKUS\S-1-5-18\..\Run: [DWQueuedReporting] . (.Microsoft Corporation - Watson Subscriber for SENS Network Notifica.) -- C:\PROGRA~1\FICHIE~1\MICROS~1\DW\dwtrig20.exe

O4 - HKUS\S-1-5-21-2965774411-1647369187-2304096231-1005\..\Run: [ctfmon.exe] . (.Microsoft Corporation - CTF Loader.) -- C:\WINDOWS\system32\ctfmon.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\HP Digital Imaging Monitor.lnk . (.Hewlett-Packard Development Company, L.P..) -- C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\Acrobat Assistant.lnk . (.Adobe Systems Inc..) -- C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

O4 - Global Startup: C:\Documents And Settings\All Users\Menu Démarrer\Programmes\Démarrage\ExifLauncher2.lnk . (.FUJIFILM Corporation.) -- C:\Program Files\FinePixViewer\QuickDCF2.exe

 

Redémarres le pc ensuite pour constater le mieux.

 

Ensuite::

 

* Copie le tout le texte présent dans l'encadré ci-dessous (tu le sélectionnes avec ta souris / Clique droit dessus et choisis "copier" ou fait Ctrl+C)

[HKLM\Software\ImInstaller]

[HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF]

FirewallRaz

EmptyFlash

Emptytemp

 

 

Puis Lance ZHPFix depuis le raccourci du bureau.

 

Clique sur l'icone représentant la lettre H (« coller les lignes Helper »)

- Les lignes se collent automatiquement dans ZHPFix, sinon colle les lignes

- Clique sur le bouton « GO » pour lancer le nettoyage,

- Copie/colle la totalité du rapport dans ta prochaine réponse

 

-> laisse travailler l'outil et ne touche à rien ...

 

Une fois terminée, un nouveau rapport s'affiche : copie/colle le contenu de ce dernier dans ta prochaine réponse ...

 

(ce rapport est en outre sauvegardé dans ce dossier > C:\Program files\ZHPDiag\ZHPFixReport.txt)

 

Important : s'il t'est demandé de redémarrer le PC pour finir le nettoyage, fais le de suite !

Modifié le 20 juillet 2011 par bernard53

[laborantin]

Salut Bernard53

J'ai fait tout ce que tu m'as dit et merci

voici le rapport

 

 

Rapport de ZHPFix 1.12.3335 par Nicolas Coolman, Update du 04/07/2011

Fichier d'export Registre :

Run by Léo at 20/07/2011 13:04:56

Windows XP Professional Service Pack 3 (Build 2600)

Web site : ZHPFix Fix de rapport

 

========== Clé(s) du Registre ==========

SUPPRIME Key: HKLM\Software\ImInstaller

SUPPRIME Key: HKLM\Software\Classes\Installer\Features\A28B4D68DEBAA244EB686953B7074FEF

 

========== Valeur(s) du Registre ==========

Aucune valeur présente dans la clé d'exception du registre (FirewallRaz)

 

========== Dossier(s) ==========

SUPPRIME Flash Cookies: 1

SUPPRIME Temporaires Windows: : 392

 

========== Fichier(s) ==========

SUPPRIME Flash Cookies: 0

SUPPRIME Temporaires Windows: : 1480

 

 

========== Récapitulatif ==========

2 : Clé(s) du Registre

1 : Valeur(s) du Registre

2 : Dossier(s)

2 : Fichier(s)

 

 

========== Chemin du fichier rapport ==========

C:\Program Files\ZHPDiag\ZHPFixReport.txt

 

 

 

End of the scan in 00mn 05s

[laborantin]

Bernard53

A titre de vérification, je viens de lancer ZHP à partir de menu démarrer mais je n'ai rien à l'écran.

Je l'ai lancé à partir de la cible il me donne un message et puis plus rien.

dans le gestionnaire de tâche il est en exécution

je t'envoie 2 captures écran.

[laborantin]

Bernard53

A titre de vérification, je viens de lancer ZHP à partir de menu démarrer mais je n'ai rien à l'écran.

Je l'ai lancé à partir de la cible il me donne un message d'erreur "Problème de connexion internet (Socket Error #10054 Connection reset by peer.) "et puis plus rien.

Dans le gestionnaire de tâche il est en exécution.

Merci pour l'aide que tu me portes

Merci à vous tous qui nous aidez sur les forums.

[bernard53]

ne relance pas ZHP et fait ma demande concernant "Code Stuff Starter" et dis moi si tu as du mieux au démarrage.

[laborantin]

ne relance pas ZHP et fait ma demande concernant "Code Stuff Starter" et dis moi si tu as du mieux au démarrage.

 

Bernard53

Excuse moi de ne pas avoir répondu à la question.

Oui j'ai utilisé "Code Stuff Starter" comme tu me l'as dis.

Le démarrage s'est amélioré un peu

Merci

[bernard53]

Bernard53

Excuse moi de ne pas avoir répondu à la question.

Oui j'ai utilisé "Code Stuff Starter" comme tu me l'as dis.

Le démarrage s'est amélioré un peu

Merci

 

 

fait ceci en plus.

 

 

 

Pour XP:

 

1-Démarrer>exécuter> tapes cmd

 

puis chkdsk X: /f /r

 

 

X étant la lettre de ton DD qui doit être surement C.

 

mets bien un espace entre chkdsk et X: puis entre X: et /f puis entre /f et /r

 

Si ta lettre est le C tu as donc ceci chkdsk C: /f /r

 

- Windows affiche : type fichier NTFS : impossible de verrouiller le lecteur en cours

CHKDSK ne peut s'exécuter parce que le volume est utilisé par un autre processus.

Voulez vous que ce volume soit vérifier au prochain démarrage : Oui ou Non

Valider O et Redémarrer le pc.

[laborantin]

fait ceci en plus.

 

 

 

Pour XP:

 

 

puis chkdsk X: /f /r

 

 

X étant la lettre de ton DD qui doit être surement C.

 

mets bien un espace entre chkdsk et X: puis entre X: et /f puis entre /f et /r

 

Si ta lettre est le C tu as donc ceci chkdsk C: /f /r

 

OK! j'ai fait le chkdsk. Windows n'a trouvé aucun problème

Merci Bernard53. je quitte le bureau on se voit demain.

[bernard53]

Ton démarrage est mieux ou pas